Succeeding In Our Mission Means that Attackers Don’t Succeed in Theirs

By Rob Gurzeev, CEO and Co-Founder of CyCognito | July 23, 2020
Share:

We’re excited to announce our Series B funding today because it helps us advance our mission to give organizations an advantage over cybersecurity attackers who generally have the upper hand.

Fundamentally, there’s an inherent inequity in the structure of the “security game.” Defenders have to protect the entire playing field (i.e., their attack surface) and always be successful, even as its boundaries constantly change. But attackers only have to execute one clever move to break through and be victorious. 

Further, attackers understand how security teams work, the limitations of enterprise security tools and the assumptions security experts are making in their lines of defense. They know exactly where their opponents will double-down on defense and where they will forget to look. Without breaking a sweat, attackers identify the externally-exposed systems and assets that are mostly overlooked by organizations and use them as an easy path — a path of least resistance — into the enterprise.

For the enterprise to gain the upper hand when protecting their IT ecosystem, they must apply some of the same techniques that attackers use. And that’s where CyCognito comes in. From the outset, my co-founder Dima Potekhin and I knew from our national intelligence agency roots that attackers easily succeed when security teams have visibility gaps that they are unable to map and leave unprotected. These assets often pose significant business risk in themselves or provide a conduit to other more valuable assets.

It’s not uncommon to see forgotten and unprotected sensitive business assets on internal networks, in the cloud, and on partner or subsidiary networks become the first point of an attack. Attacks on those exposed elements can quickly spiral into a nightmare situation because they often include pathways to payment mechanisms that can expose customer credit card data, DevOps components that allow access to source code and keys, intellectual property, and third-party gateways that can provide access to internal networks. Once those exposed assets are breached, they put business stability and important relationships at risk.

LI Ad-SG-Merger-and-Acquisition-1To prevent this and allow security teams to understand what’s exposed and help them identify and prioritize these paths of least resistance, we have committed ourselves to developing a first-of-its-kind platform that delivers large-scale automation of the whole reconnaissance process, a process that can take an attacker weeks, if not months, to run per organization.

Attack surface management as a category of products has gained attention in the market, from security experts, industry analysts and customers. Most of this practice has been focused on the known attack surface, and only on discovery but not security testing. 

 

"Our focus on the path of least resistance, which combines asset discovery, business context assignment, security testing and meaningful risk prioritization, and puts us in a category of our own."

Rob Gurzeev CEO and Co-Founder of CyCognito

Now it’s clear that discovery of the entire attack surface — whether on-premises, in cloud or partner networks, in abandoned assets or in subsidiaries — is critical, as is security testing. That’s why CyCognito uniquely focuses on the path of least resistance, which combines asset discovery, business context assignment, security testing and meaningful risk prioritization, and puts us in a category of our own. Here’s a snapshot of the “playbook” we’re delivering to organizations around the globe:

  • Without deployment or configuration, the CyCognito platform automatically and continuously discovers and assesses an organization’s attack surface to discover the attackers’ paths of least resistance. 
  • To bridge the creativity and expertise advantage that attackers have, the platform accelerates a process that takes attackers months to conduct. We do this with a combination of data collection and sophisticated data analysis to identify an organization's assets, their business function/context and what type of security risks they harbor. Data is collected via a botnet that scans all exposed internet assets globally and fingerprints them.
  • Machine learning is applied to fingerprints to understand business context, including ownership and relationships.
  • Pen testing tools, techniques and processes are automated and orchestrated, and every asset related to the company is tested.
  • Risks are assessed and prioritized based on business context, discoverability, potential impact, exploitation complexity and remediation effort.
  • Actionable remediation guidance is offered for each issue that is identified.

We have strong validation for our POLaR - path of least resistance approach including growing adoption of the CyCognito platform by Global 2000 organizations.

BLOG2007-POLaR


Additional proof of the platform’s value and unique approach: it is the first attack surface management solution to discover a zero-day vulnerability. In fact, it recently uncovered four, including one in a Cisco branch office router not previously discovered by dynamic application security testing (DAST) scanners or manual penetration testers. Those results demonstrate the value of automated security testing at-scale: coverage for your entire extended IT ecosystem and not just the 20% of known assets most organizations security test.  We look forward to sharing our ongoing progress with you as we continue to realize our goal of giving enterprises the upper hand against attackers and expanding the capabilities of the CyCognito platform. 

 

About Rob Gurzeev, CEO and Co-Founder of CyCognito

Rob Gurzeev, CEO and Co-Founder of CyCognito, has led the development of offensive security solutions for both the private sector and intelligence agencies.

Contact Author:
  • linkedin
  • email
mobile

Start Eliminating Your Shadow Risk

Demo Request