The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
GigaOm Radar for Attack Surface Management

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  

Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. 

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Research

Heartbleed-like Critical OpenSSL Bug Impacts Versions 3+

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
October 30, 2022

Thanks to a critical bug in OpenSSL versions 3.0 and above, security teams hoping for treats and no tricks this Halloween may be out of luck.

Earlier this week, the OpenSSL Project team said a critical security flaw had been identified in versions 3.0 and above of its popular cryptographic library for encrypting internet communications. If exploited, the results could be Heartbleed spooky – allowing adversaries to remotely compromise a server’s private keys or remotely execute code on hardware, according to OpenSSL’s own description.

Anyone who remembers OpenSSL’s 2014 Heartbleed vulnerability (CVE-2014-0160) will be aware of the potential for disaster. Heartbleed gave attackers a way to eavesdrop on communications, steal data, and impersonate users of VPNs, emails and chat servers and other software that uses the nearly ubiquitous cryptographic library.

Good News, Bad News

There is a good chance that anything that securely communicates with the internet could be using OpenSSL. However, only a tiny fraction of those OpenSSL instances are likely vulnerable to attack. That is because only OpenSSL version 3.0 and above are vulnerable. And given that OpenSSL 3.0 was introduced only a year ago, most organizations run earlier versions of OpenSSL, which are not affected.

CyCognito’s assessment of its own customer assets under its security protection found less than 0.1 percent of OpenSSL assets monitored vulnerable. While 0.1 percent doesn’t sound like a lot, the ubiquity of OpenSSL worldwide combined with the vital protections the library provides to internet communications means that organizations should ensure that their most valuable assets are not at risk from this vulnerability.

“Situations like this underscore the importance of hygiene and keeping a critical and confident eye on what an adversary sees first – the external attack surface,” said Anne Marie Zettlemoyer, CyCognito’s chief security officer. “When time is critical, organizations that can quickly gain visibility and understanding of where their risk and exposure lies will be best suited to defend and recover.”

OpenSSL’s patched version (3.0.7) will not be available until Tuesday, November 1, giving organizations a few days to identify exactly which assets and applications are affected and create a prioritized remediation plan. As of October 28, there are no publicly available exploits or attacks abusing this vulnerability.

(image above shows the Cognito Advisories Dashboard and the warning tied to the OpenSSL v.3+ vulnerability)

Customers that subscribe to CyCognito’s Exploit Intelligence module can find a list of affected assets, along with further context and next steps for remediation, in their Advisories Dashboard (pictured above). CyCognito Exploit Intelligence, a part of the CyCognito platform, enhances risk prioritization by combining detailed data about gaps in their attack surface with tactical threat intelligence about in-the-wild security threats like this OpenSSL vulnerability. Teams can also use Exploit Intelligence to view and test step-by-step exploitation instructions provided by the CyCognito platform to safely simulate attacks to validate risks and generate indicators of compromise (IOCs) in SIEM, XDR and other security countermeasures.

CyCognito customers interested in subscribing to Exploit Intelligence should contact their Customer Success Manager. Not a customer but interested in how this kind of threat intelligence insight can help you manage risk? Contact us or check out more information on Exploit Intelligence.


Topics





Recent Posts








Top Tags



CyCognito Research Report

State of External Exposure Management

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk.

Dummies Book

External Exposure & Attack Surface Management For Dummies

External Exposure & Attack Surface Management For Dummies

As your attack surface has grown to cloud infrastructures and across subsidiaries, attackers are looking for and finding unknown and unmanaged assets to serve as their entry points.

Interactive Demo

Ready to Rule Your Risk?

Request a personalized walkthrough of the CyCognito platform to see how we can help your company identify all its internet-exposed assets, focus on which are most vulnerable to attacks, and accelerate your time to remediating critical risks.