CyCognito Blog

Posts by Graham Rance

Graham-Rance

Graham Rance

Field CTO

Graham Rance is the Field CTO at CyCognito. With more than 20+ years of security and infrastructure experience, Graham and his team are responsible for technical pre-sales responsibilities covering the globe.



Perspectives

External Attack Surface Management Promised Visibility — But Did It Deliver?

By Graham Rance
Field CTO
May 12, 2025

External Attack Surface Management (EASM) promised to illuminate the unknown, but early tools barely scratched the surface, relying on what security teams already knew. Today’s attacker-centric EASM flips the script, discovering unknown assets, mapping them to the business, and validating real-world risk with zero input. The result isn’t just visibility—it’s proof of exposure, and a clear path to action.

Go to the Post


Featured, Research

Web Application Security Testing: Struggles, Shortfalls and Solutions

By Graham Rance
Field CTO
June 3, 2024

A survey of cybersecurity professionals in the U.S. and U.K. reveals challenges in web application security testing. Key findings include extensive attack surfaces due to numerous in-house and third-party applications, frequent security incidents, concerns about the effectiveness of existing tools, and inadequate testing coverage. Additionally, over half of respondents struggle to remediate discovered vulnerabilities. These findings highlight the need for improved web application security testing strategies.

Go to the Post


Perspectives

The Truth About How Security Ratings Work

By Graham Rance
Field CTO
August 6, 2021

Security ratings platforms provide a view of your security posture they – do not provide tools required to for operations nor do they reduce cyber risk.

Go to the Post


Topics


Search the Blog



Featured Posts

Emma Zaballos
A New Framework: Understanding Exposure Management 
By Emma Zaballos
November 11, 2024
Jason Pappalexis
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Jason Pappalexis
Think your attack surface is covered? Let’s look at the math.
By Jason Pappalexis
September 30, 2024
Emma Zaballos
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Graham Rance
Web Application Security Testing: Struggles, Shortfalls and Solutions
By Graham Rance
June 3, 2024


Top Tags


Stay informed

Subscribe to the Blog

Subscribe now to get the latest insights delivered straight to your inbox.

CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.

Request a Scan