We’re excited to announce our Series B funding today because it helps us advance our mission to give organizations an advantage over cybersecurity attackers who generally have the upper hand.
Fundamentally, there’s an inherent inequity in the structure of the “security game.” Defenders have to protect the entire playing field (i.e., their attack surface) and always be successful, even as its boundaries constantly change. But attackers only have to execute one clever move to break through and be victorious.
Further, attackers understand how security teams work, the limitations of enterprise security tools and the assumptions security experts are making in their lines of defense. They know exactly where their opponents will double-down on defense and where they will forget to look. Without breaking a sweat, attackers identify the externally-exposed systems and assets that are mostly overlooked by organizations and use them as an easy path — a path of least resistance — into the enterprise.
For the enterprise to gain the upper hand when protecting their IT ecosystem, they must apply some of the same techniques that attackers use. And that’s where CyCognito comes in. From the outset, my co-founder Dima Potekhin and I knew from our national intelligence agency roots that attackers easily succeed when security teams have visibility gaps that they are unable to map and leave unprotected. These assets often pose significant business risk in themselves or provide a conduit to other more valuable assets.
It’s not uncommon to see forgotten and unprotected sensitive business assets on internal networks, in the cloud, and on partner or subsidiary networks become the first point of an attack. Attacks on those exposed elements can quickly spiral into a nightmare situation because they often include pathways to payment mechanisms that can expose customer credit card data, DevOps components that allow access to source code and keys, intellectual property, and third-party gateways that can provide access to internal networks. Once those exposed assets are breached, they put business stability and important relationships at risk.
To prevent this and allow security teams to understand what’s exposed and help them identify and prioritize these paths of least resistance, we have committed ourselves to developing a first-of-its-kind platform that delivers large-scale automation of the whole reconnaissance process, a process that can take an attacker weeks, if not months, to run per organization.
Attack surface management as a category of products has gained attention in the market, from security experts, industry analysts and customers. Most of this practice has been focused on the known attack surface, and only on discovery but not security testing.