Attack Surface Management Leader CyCognito Delivers Over Five Billion External Asset Tests

Company provides organizations comprehensive active security testing of all externally-exposed assets

Palo Alto, California – December 13, 2023

CyCognito today announced it has provided over five billion high-precision, interactive security tests of external attack surface assets since the company's inception. The tests actively assess millions of assets across tens of thousands of organizations and subsidiaries across CyCognito's customer base of both emerging and large organizations.

The CyCognito platform is the first EASM solution to perform active security testing of all of an organization's externally-exposed assets. Active test engines go further than the passive scanning technologies used in most EASM and vulnerability management products, interacting repeatedly with a digital asset to reach success criteria defined by the test methodology.

To ensure security teams aren't overwhelmed with a large volume of findings, CyCognito uses high-precision tests, including Dynamic Application Security Testing (DAST), combined with issue prioritization based on business context and risk. The result is fewer, more-urgent risks, which enable organizations to set realistic and measurable remediation goals. This insight enables security and operations teams to confidently act on the most important issues to their infrastructure at all times.

"Discovery is critical to comprehensive attack surface management, but if you're not actively testing all your external assets—which are often the primary targets for outside breaches—you will set your organization up for failure," Ansh Patnaik, Chief Product Officer, CyCognito. "However, actively testing the entire external attack surface presents significant challenges, primarily due to its vast scale. Additionally, unobtrusive and low-impact testing is essential to accurately simulate an attacker's actions. This is precisely what CyCognito solves for."

Patnaik continued, "Organizations are often only aware of 10 to 30 percent of their infrastructure and are only able to test a fraction of what they know about, resulting in blind spots that become opportunities for attackers. CyCognito solves the challenges of active testing across external attack surfaces at scale by continuously identifying and testing all external assets."

CyCognito's testing platform offers the following features:

• Validated Accuracy: Industry-leading active testing with global scalability for millions of assets provides incredible precision with verifiable findings.
• Expanded Coverage: Most organizations actively test a small fraction of their total assets. CyCognito leverages active testing across the entire attack surface—ensuring no risks are unaccounted for.
• Continuous, Comprehensive Testing Coverage: Active testing of the entire attack surface on a customized cadence means that assets are tested on a bi-weekly, weekly, or daily cadence, rather than once a year or once a quarter.
• High Fidelity, Minimal Interaction: A full suite of tailored tests based on asset type and services are carefully monitored to avoid impact on sensitive infrastructure.
• Reduction in Manual Workload: CyCognito's active testing system automates tens of thousands of tests across the entire attack surface and integrates with leading Configuration Management Databases (CMDB), Cyber Asset Attack Surface Management solutions (CAASM), and ticketing solutions—allowing security teams to focus on meaningful tasks.
• Prioritize Real Risks: Prioritize based on importance of the asset to the organization, attractiveness to cybercriminals, exploitability by attackers, and risk severity.