How did Berlitz Corporation reduce critical alerts by 86% using CyCognito?
Berlitz Corporation achieved an 86% reduction in critical alerts over three years by implementing CyCognito's automated attack surface management platform. In the first year, CyCognito identified 140 critical items requiring remediation. Through continuous monitoring and automation, this number dropped to just 20, allowing Berlitz to focus on the most pressing risks and validate their remediation efforts. (Source: CyCognito Blog, July 22, 2024)
What cost savings did Berlitz realize after deploying CyCognito?
Berlitz saved $100,000 over three years by using CyCognito to identify and eliminate unnecessary services and assets. The platform's automated discovery enabled the team to shut down obsolete or redundant resources, resulting in significant recurring cost reductions. (Source: CyCognito Blog, July 22, 2024)
How did CyCognito help Berlitz discover hidden or unknown assets?
CyCognito's continuous automated discovery and monitoring uncovered hidden and exposed assets that Berlitz was previously unaware of. This included identifying an orphan payment gateway from an old e-commerce project, which was then securely decommissioned. These discoveries provided Berlitz with comprehensive visibility and reduced their risk exposure. (Source: CyCognito Blog, July 22, 2024)
What operational efficiencies did Berlitz gain from using CyCognito?
Berlitz's security team was able to focus on actual risk exposure and remediate faster thanks to CyCognito's automation. The platform acted as a force multiplier, allowing the small team to manage assets more efficiently without increasing headcount. Centralized visibility and integration with Jira improved accountability and governance. (Source: CyCognito Blog, July 22, 2024)
How did CyCognito's integration with Jira benefit Berlitz?
CyCognito's seamless integration with Jira enabled Berlitz to automatically create and track support tickets for vulnerable assets. This streamlined remediation workflows, ensured timely resolution, and brought centralized visibility and accountability to asset management. (Source: CyCognito Blog, July 22, 2024)
What were the main challenges Berlitz faced before using CyCognito?
Berlitz struggled with decentralized operations, manual processes, limited visibility, and increasing resource costs. The lack of a unified exposure management strategy made it difficult to identify and manage risks across their global digital infrastructure. CyCognito addressed these challenges by automating asset discovery and risk assessment. (Source: CyCognito Blog, July 22, 2024)
How did CyCognito's Exploit Intelligence help Berlitz?
CyCognito's Exploit Intelligence provided Berlitz with up-to-date information on how vulnerabilities could be exploited in their environment. This enabled the team to prioritize remediation efforts based on real-world risk and focus on the most critical threats. (Source: CyCognito Blog, July 22, 2024)
What was the impact of CyCognito on Berlitz's security team workload?
CyCognito's automation reduced the operational load on Berlitz's security team, allowing them to manage more assets without increasing headcount. The platform's intuitive dashboard and actionable insights enabled efficient prioritization and remediation of risks. (Source: CyCognito Blog, July 22, 2024)
How did CyCognito support Berlitz in standardizing security functions globally?
CyCognito enabled Berlitz to bring all external-facing assets under a single platform, facilitating centralized management and standardization of security functions across regions. This holistic approach improved governance and reduced security gaps. (Source: CyCognito Blog, July 22, 2024)
What was the onboarding experience like for Berlitz with CyCognito?
Berlitz found the onboarding process with CyCognito to be smooth and supportive. The CyCognito team demonstrated genuine interest in Berlitz's success, providing early value by discovering unknown assets and offering proactive risk management. (Source: CyCognito Blog, July 22, 2024)
How does CyCognito help organizations like Berlitz prepare for the future?
By providing comprehensive visibility, proactive risk management, and continuous improvement, CyCognito equips organizations like Berlitz to face evolving cybersecurity threats with confidence and resilience. The partnership emphasizes the importance of ongoing collaboration and trust. (Source: CyCognito Blog, July 22, 2024)
What is the value of CyCognito's dashboard and reporting for security teams?
CyCognito's intuitive dashboard and detailed reports provide actionable insights, enabling security teams to identify, prioritize, and remediate critical risks efficiently. This visibility supports week-over-week tracking and continuous improvement. (Source: CyCognito Blog, July 22, 2024)
How does CyCognito enable centralized management of external assets?
CyCognito brings all external assets under one umbrella, allowing organizations to holistically and centrally manage their attack surface. This approach streamlines operations and enhances governance. (Source: CyCognito Blog, July 22, 2024)
What is the impact of CyCognito's automation on remediation speed?
Automation built into CyCognito enables security teams to remediate vulnerabilities faster by focusing efforts on actual risk exposure. This reduces the time and resources needed to address critical issues. (Source: CyCognito Blog, July 22, 2024)
How does CyCognito help organizations reduce resource costs?
By automating asset discovery, risk assessment, and remediation workflows, CyCognito reduces the need for additional headcount and manual processes, resulting in substantial resource and cost savings. (Source: CyCognito Blog, July 22, 2024)
What is the significance of continuous monitoring in CyCognito's platform?
Continuous monitoring ensures that new vulnerabilities and risks are identified and addressed promptly, maintaining a strong security posture and reducing the likelihood of security incidents. (Source: CyCognito Blog, July 22, 2024)
How does CyCognito support proactive risk management?
CyCognito's platform automates risk and vulnerability discovery, providing organizations with early warnings and actionable insights to address threats before they are exploited. This proactive approach enhances overall security. (Source: CyCognito Blog, July 22, 2024)
Features & Capabilities
What are the core features of the CyCognito platform?
CyCognito offers seedless discovery of unknown assets, risk-based prioritization, automation for scale, verified closure of security issues, comprehensive security management, and seamless integrations with leading security and IT platforms. These features enable organizations to uncover hidden risks, prioritize remediation, and streamline security operations. (Source)
Does CyCognito support integration with other security tools?
Yes, CyCognito integrates with leading security and IT platforms such as Armis, Palo Alto Networks, Tenable, Wiz, Axonius, CrowdStrike, Cobalt, JupiterOne, ServiceNow, Splunk, Zendesk, and Jira. These integrations enable automated workflows, centralized information, and enhanced collaboration across security operations. (Source)
What types of automation does CyCognito provide?
CyCognito automates asset discovery, vulnerability analysis, security testing, and remediation workflows. Automation categories include vulnerability management, incident management, asset management, SIEM/SOAR/XDR, cloud security posture management, and ticketing solutions. (Source)
What is seedless discovery and how does CyCognito use it?
Seedless discovery is CyCognito's autonomous approach to identifying unknown or unmanaged assets, including shadow IT and forgotten services, without requiring manual input or asset lists. This ensures comprehensive visibility and uncovers up to 20× more exposures than traditional tools. (Source)
How does CyCognito prioritize risks?
CyCognito combines exploitability, business context, and attack-path insights to focus on the top 0.01% of risks. This risk-based prioritization reduces alert fatigue and ensures that security teams address the most critical vulnerabilities first. (Source)
What technical documentation is available for CyCognito?
CyCognito provides datasheets and resources covering platform overview, automated security testing, discovery and contextualization, prioritization and remediation, exploit intelligence, vulnerability management, active security testing, remediation planning, cloud connector, customer success, and NIST 800-53 alignment. (Source)
How does CyCognito verify remediation of security issues?
CyCognito periodically retests issues to ensure genuine remediation, addressing unresolved risks even after ticket closure. This helps organizations maintain a strong security posture and avoid lingering vulnerabilities. (Source)
What is CyCognito's approach to vulnerability management?
CyCognito's vulnerability management solution prioritizes vulnerabilities based on real risks in your attack surface, enabling proactive remediation and reducing critical findings from about 25% to 0.1%. (Source)
What customer feedback has CyCognito received regarding ease of use?
Customers consistently praise CyCognito for its intuitive platform design and ease of use. Testimonials highlight the platform's ability to provide global visibility, automate asset detection, and manage vulnerabilities efficiently. (Source)
Use Cases & Benefits
Who can benefit from using CyCognito?
CyCognito is ideal for IT security teams, CISOs, and security operations teams in enterprises with complex infrastructures, government agencies, Fortune 500 companies, and organizations in industries such as education, media, gaming, hospitality, and healthcare. (Source)
What business impact can organizations expect from CyCognito?
Organizations can expect up to $500,000 in annual cost savings, a reduction in critical findings from 25% to 0.1%, improved operational efficiency, comprehensive visibility, reduced alert noise, and faster remediation of vulnerabilities. (Source)
What core problems does CyCognito solve?
CyCognito addresses unknown or unmanaged assets, excessive alert noise, manual processes, scaling security operations, prioritizing risks, blind spots in the attack surface, and remediation verification. (Source)
What are common pain points CyCognito helps address?
Common pain points include difficulty identifying shadow IT, alert fatigue, time-consuming manual processes, challenges in scaling security, ineffective risk prioritization, overlooked risks in untracked IP ranges, and lack of remediation verification. (Source)
Which industries are represented in CyCognito's case studies?
Industries include gaming, media, education, hospitality, and telecommunications, as demonstrated in case studies with Scientific Games, Ströer, Berlitz, and others. (Source)
Can you share specific customer success stories with CyCognito?
Yes. For example, Scientific Games uncovered hidden assets and obsolete devices, Ströer reduced alert fatigue, Berlitz identified 140 critical issues in the first year, and a hospitality company detected and shut down rogue access. (Source)
Who are some of CyCognito's customers?
CyCognito is trusted by global enterprises such as Tesco, Colgate-Palmolive, Panasonic, Ströer, Hitachi, Storebrand, Bertelsmann, Wipro, Adama, Berlitz, Asklepios, Scientific Games, Agoda, Altice, and Sleep Number. (Source)
Implementation & Support
How long does it take to implement CyCognito?
CyCognito is designed for rapid deployment and minimal setup. The platform automatically maps your external attack surface without manual scoping or seed data, and does not require agents or sensors. Most organizations can start gaining visibility and prioritizing risks almost immediately. (Source)
What support resources are available for CyCognito customers?
Customers have access to a Knowledge Center, Support Portal, and a dedicated Customer Success Team to assist with implementation, best practices, and ongoing support. (Source)
Security & Compliance
What security and compliance certifications does CyCognito have?
CyCognito holds SOC 2 Type II and ISO 27001 certifications, demonstrating robust security controls and adherence to stringent information security management practices. (Source)
How does CyCognito support compliance with industry frameworks?
CyCognito supports compliance with frameworks such as ISO27001:2022, NIST 800-171 R2, PCI-DSS v4, and CIS CSC by automating evidence collection and mapping findings to relevant controls. (Source)
Does CyCognito provide early warning of compliance violations?
Yes, CyCognito integrates with asset inventory and security testing workflows to provide actionable insights and early warnings of compliance violations, simplifying remediation. (Source)
Competition & Comparison
How does CyCognito compare to Tenable ASM?
CyCognito offers continuous outside-in discovery and automated validation, providing 20× more visibility and focusing on the top 0.01% of risks. Tenable ASM relies on manual input and passive scanning, which can miss blind spots. (Source)
What differentiates CyCognito from Qualys?
CyCognito focuses on external attack surface management with autonomous, seedless discovery, while Qualys primarily offers vulnerability management tools. CyCognito uncovers up to 20× more exposures and automates risk prioritization. (Source)
How does CyCognito compare to Microsoft Defender EASM?
CyCognito autonomously discovers hidden assets and provides rapid vulnerability scanning, while Microsoft Defender EASM requires manual input and lacks comprehensive discovery. CyCognito offers actionable insights and continuous monitoring. (Source)
What are the advantages of CyCognito over Palo Alto Networks Cortex Xpanse?
CyCognito uses NLP, ML, and a graph data model for business mapping, providing 20× more visibility and automated pentesting with 100,000+ modules. Cortex Xpanse relies on manual mapping and has limited testing and prioritization capabilities. (Source)
How does CyCognito's approach differ from CrowdStrike Falcon Surface?
CyCognito uses autonomous, black-box pentesting with 100,000+ testing modules and prioritizes risks based on exploitability and business context, enabling a >60% reduction in mean time to remediation (MTTR). CrowdStrike relies on passive scanning and lacks active testing results. (Source)
In the ever-evolving digital landscape, a robust exposure management strategy is critical to safeguarding a company’s assets. I recently sat down with Daniel Schlegel, the Global Chief Information Officer (CIO), Chief Security Officer, and Chief Privacy Officer of Berlitz Corporation, a global leader in language training and cultural education, to hear about their transformative experience using CyCognito to gain global external attack surface visibility, reduce costs, and enhance their security posture.
With a rich history spanning 145 years, Berlitz faced challenges stemming from the complexity of its digital infrastructure and the decentralized nature of its operations. The organization relied heavily on manual processes, which provided limited visibility and security gaps. This decentralized approach added a substantial operational load on Daniel’s team, spiraling resource costs as they continually increased headcount to keep pace with their expanding external attack surface.
“Our organization has been around for 145 years, and until recently, a lot of operational functions were decentralized and regionally operated. At that time, anyone with a little budget could authorize a public-facing resource.”
Traditional security measures were no longer sufficient in identifying and assessing risks across a vast network of diverse systems and applications. Standardizing functions globally was crucial for Berlitz. They needed a comprehensive exposure management solution that could bring all their external facing assets under one umbrella, manage risks more efficiently, and streamline operations.
“We were looking for a platform to automate tasks such as ongoing scanning and proactive assessment of our external attack surface. We wanted to keep abreast of general vulnerabilities and whether they potentially impacted the business,” Daniel noted.
Automation and Proactive Risk Management
Berlitz sought a proactive solution that could automate the risk and vulnerability discovery. After evaluating potential partners, CyCognito stood out to Daniel because of their proactive approach and mutual interest in our success. The collaboration has been immensely positive, and Daniel is confident that CyCognito continues to monitor and address vulnerabilities and potential threats before they are exploited.
“We felt comfortable relatively early on with CyCognito, they showed genuine interest in our success as a customer. They discovered assets that we were generally unaware of, giving us confidence that this was the right solution for us.”
Figure 1: Identifying risk on organization’s known vs discovered unknown assets
‘Aha’ Moments: The Discovery of Hidden Assets
CyCognito’s continuous automated discovery and monitoring of digital assets uncovered hidden and exposed assets has been a game-changer.
“There was an ‘aha’ moment on a somewhat regular basis; there were findings initially that came out of it. We really did not necessarily know the level of detail at this point, and we developed an understanding of what assets and threats may be out there that perhaps we weren’t aware of.”
Daniel recalls another high-stakes discovery of an unknown orphan payment gateway used in the early stages of an e-commerce project many years ago. They were able to track down the gateway and shut it down through the vendor that was hosting it.
100K in Cost Savings and Risk Reduction
CyCognito also led to substantial cost savings by identifying and eliminating unnecessary services, resulting in $100K in savings over three years.
“When we started shutting things down, we saved several thousands of dollars on a monthly recurring basis; over a number of years, you quickly get into six-digit savings.”
Enhanced Visibility and Exploit Intelligence
For the first time, Daniel had comprehensive visibility into Berlitz’s external attack surface. The intuitive dashboard and detailed reports provided actionable insights, enabling the team to identify and remediate critical risks efficiently.
Figure 2: Issue Alert
“First, we have the visibility, and then the prioritization, so we know week-over-week where we need to focus our time,” Daniel explained.
CyCognito’s Exploit Intelligence provided the latest data on how vulnerabilities are exploited and how they map to Berlitz’s security landscape.
“The biggest thing for us is the built-in Exploit Intelligence and the Attack Surface Management; these two key aspects are what emphasize the most.”
Critical Alerts Reduced by 86% Over Three Years
In the first full year running the platform, CyCognito alerted Berlitz to 140 critical items that needed to be prioritized and remediated. Over three years, Daniel saw an 86% reduction in critical alerts, from 140 to just 20.
“I’m pretty sure out of those 140 items, we would have only come across a fraction doing it ourselves manually. There was a large number of items to manage at the start, but now that those items are resolved, the number is much smaller. The platform’s value keeps increasing; it validates our efforts- the smaller the number, the better everything works, and that’s key to us.”
Unlocks Operational Efficiency
Figure 3: Critical Alerts
The automation built into the platform has freed up his team to focus their efforts based on actual risk exposure to their most critical assets and remediate faster.
“CyCognito was a force multiplier for our small team, allowing us to do more. The automation that is built into the platform means we don’t need to exponentially increase our headcount just to manage our assets.”
“CyCognito enables us to bring all our external assets under one umbrella, to look at this more holistically and centrally manage what’s happening.”
Seamless Integration and Accountability
When vulnerable assets need patching, the platform seamlessly integrates with Berlitz’s support ticketing system, Jira, ensuring timely resolution. This integration has brought accountability and centralized visibility to their assets, giving Daniel peace of mind they’ll be resolved in a timely way.
“The efficiency gains were substantial, particularly in remediating vulnerabilities. CyCognito brought accountability and centralized visibility to our assets, enhancing governance.”
Daniel’s journey with CyCognito has not only transformed Berlitz’s security posture but also set a benchmark for how organizations can achieve comprehensive visibility, fortify their defenses, and reduce costs with a robust exposure management solution.
Figure 4: Workflow and Automation
Looking ahead
Berlitz is now well-equipped to face the future with confidence and resilience. Berlitz and CyCognito’s partnership highlights the importance of proactive risk management, continuous improvement, and mutual trust.
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally .
