The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
GigaOm Radar for Attack Surface Management

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  

Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. 

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Research

Vulnerability Notice: Patch CVE-2021-31166

Alex-Zaslavsky
By Alex Zaslavsky
Sr. Product Manager
May 21, 2021

In its Patch Tuesday release for May 2021 Microsoft released guidance and a patch for CVE-2021-31166. We’ve been tracking the research on it, and recommend that those with this vulnerability on their Microsoft IIS servers patch it immediately. 

To give you a little insight, there are a few reasons that this particular vulnerability has warranted the additional research from the industry and our team:

  • It’s a critical vulnerability: This vulnerability would let an attacker take control of an affected system and shut them down (even without remote code execution (RCE)), and is wormable, so could be used to move across the internal network.
  • Discovery of these servers is easy: The discovery of potentially vulnerable servers by attackers is very easy, and IIS servers are pretty common.
  • POC exploit code has been released: The first proof-of-concept (POC) exploit code has been released, which generally is the first step before there are more attempts at exploitation. The POC can result in a denial of service (DOS), and is relatively easy to exploit.
  • But RCE is difficult: It is not trivial to transform this into an RCE as it requires crafting careful memory manipulations, but some groups could and would accomplish this.
  • And it’s only on newer Windows servers: This vulnerability is only applicable to more recent versions of these Windows servers, including Windows 10 2004 and 20H2, and Windows Server 2004 and 20H2. Basically, the Windows 10 and Windows Server OS versions released last year.

Given the rise in ransomware, and the wormability of this vulnerability, it’s a good time to check your IIS servers and make sure that for those newer Windows 10 servers affected that CVE-2021-31166 has been patched. Let’s get it off of those systems before attackers find a way to exploit it.  

What to do next…

If you’re not yet familiar with CyCognito, sign up for a demo and let us show you all of your IIS servers. The ones you know about, and the ones you don’t.

Our platform takes the attackers’ perspective to help you dramatically reduce your overall business risk and increase efficiency. With no deployment required, it autonomously discovers and maps your organization’s entire attack surface, including previously unknown assets in on-premises, cloud, partner and subsidiary environments. With an understanding of the business context of your assets and what is most attractive to attackers, it then detects and prioritizes your organization’s most easily exploitable exposures, the attackers’ paths of least resistance. Your security team knows where to focus first to eliminate those risks, while prescriptive remediation guidance and efficient validation speed their work.


Topics





Recent Posts








Top Tags



CyCognito Research Report

State of External Exposure Management

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk.

Dummies Book

External Exposure & Attack Surface Management For Dummies

External Exposure & Attack Surface Management For Dummies

As your attack surface has grown to cloud infrastructures and across subsidiaries, attackers are looking for and finding unknown and unmanaged assets to serve as their entry points.

Interactive Demo

Ready to Rule Your Risk?

Request a personalized walkthrough of the CyCognito platform to see how we can help your company identify all its internet-exposed assets, focus on which are most vulnerable to attacks, and accelerate your time to remediating critical risks.