PALO ALTO, CALIFORNIA—MARCH 16, 2022—CyCognito today announced the addition of ‘Exploit Intelligence’ to its suite of External Surface Attack Management solutions. Exploit Intelligence offers an end-to-end solution that prioritizes which risks to remediate immediately—before they are exploited—by proactively discovering external assets, testing vulnerabilities, and providing expert threat- and risk-based insight.
Developed to help security teams focus on the most critical risks first, Exploit Intelligence creates in-platform Advisories about threats being exploited in-the-wild and aligns them with risks in the organization’s external attack surface. The platform also automates pen testing and red teaming processes including reconnaissance, security testing at-scale, exploit analysis to determine how safe exploits are to use. It then provides guidance on how to actually use exploits—so that security experts can work more effectively and efficiently.
“External attack surface management provides an outside-in perspective that helps organizations see themselves as an attacker would. Adding a layer of threat intelligence—information about what attackers are actually doing—helps sharpen that point of view,” said Jon Oltsik, ESG Senior Principal Analyst and ESG Fellow. “When you know what attackers are doing in the wild, how they see your organization, and where you are vulnerable to their latest actions, it enables you to focus and accelerate remediation on high-risk priorities that must be addressed quickly.”
“The recent Log4j vulnerability proved that most security teams lack the insight to understand how they are being impacted, what issues to prioritize and what steps to take to neutralize potential threats,'' said Rob Gurzeev, CEO and co-founder, CyCognito. “That’s because there’s a critical gap in vulnerability management: tying internet-exposed vulnerabilities with in-the-wild attacker activity. Exploit Intelligence provides the level of visibility, testing capabilities and expert guidance so security teams canquicklyfind and prioritize issues before a threat becomes a serious breach. Many of our customers, like Tesco, are already seeing benefits from Exploit Intelligence, which helps them prioritize exploitable attack surface issues in the right order.”
Primary features and benefits of Exploit Intelligence include:
- Expert Advisories:Leverage curated threat intelligence to show how vulnerabilities are being actively exploited by attackers in the wild and how those threats map to vulnerabilities in their attack surface. A detailed summary graph paints a clear picture of assets at risk, and details about what subset of assets remain vulnerable and what subset are protected.
- Exploit Validation:Receivestep-by-step guidance to safely exploit vulnerabilities and simulate breaches. Simulation makes it possible to validate your security countermeasures and evidence by finding the presence or lack of Indicators Of Compromise in your SIEM, XDR. Leverage MITRE ATT&CK Framework mappings to better communicate and understand potential adversary behavior.
- Communicate to Stakeholders:Leverage information about threats in-the-wild and combine that with the state of your attack surface to help answer questions like, “are we impacted by this latest issue?”
We invite you to watch our on-demand webinar, “Bye Bye Threat Intelligence! Hello Risk Intelligence” that features an overview of the new insights in the CyCognito platform delivered by Exploit Intelligence.
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.