CyCognito Blog

Your source for exposure management research, product news, and security insights.

By Emma Zaballos

On October 9th, 2024, five vulnerabilities affecting Palo Alto Networks Expedition before version 1.2.96 were disclosed by Palo Alto Networks. These issues include OS command injection, SQL injection, cleartext storage of sensitive data, and reflected XSS vulnerabilities. Though active exploitation has not been reported, CyCognito has released an active test and in-app notification covering these issues due to risks posed by their severity and ease of exploitation.

Read more about Emerging Security Issue: Multiple Palo Alto Networks Expedition PAN-OS Firewalls Vulnerabilities
By Jason Pappalexis

Exposure Management (EM), introduced by Gartner in 2022, represents the evolution of vulnerability management. With EM, security teams can address visibility and testing gaps, and stay ahead of threats. This blog includes six signs that your organization needs EM, and five essential requirements to implement it.

Read more about Six Signs that Exposure Management is Right for Your Organization
By Tim Matthews

With EASM becoming essential to security operations, many vendors are jumping on board, but not all solutions are enterprise-grade. Basic EASM products can waste time, undermine security teams, and offer a false sense of protection. To avoid these pitfalls, ask your vendor these five critical questions—if they can’t answer, it’s a red flag.

Read more about Five Questions Your EASM Vendor Doesn’t Want You to Ask
By Jason Pappalexis

Many organizations believe their security testing is robust, but common tools like vulnerability scanning and penetration testing often leave surprising gaps. Infrequent tests, limited asset coverage and inaccurate results leave exposure and risk. Achieving ideal security goals requires full coverage, high accuracy, and frequent testing—criteria most approaches struggle to deliver. CyCognito bridges these gaps with automated testing for network systems and web applications, helping organizations strengthen their security, continuously.

Read more about Think your attack surface is covered? Let’s look at the math.
By Emma Zaballos

CyCognito just published our 2024 State of External Exposure Management Report. In this report, we looked at where serious issues hide on the average attack surface, how basic protections can help (or fail to) protect critical assets, and the ways that deprioritizing issues can help security teams spend their time on the right vulnerabilities.

Read more about Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Jason Pappalexis

Gaps in security testing involve more than missed assets; infrequent and inaccurate security testing can be just as big a problem. This blog provides a five-step plan to help you find testing gaps and tighten your testing program, improving risk management, decision-making, and cost efficiency. A must-read for anyone looking to strengthen their security across their external attack surface.

Read more about Common security testing approaches leave gaps. Here’s how to find them.
By Ansh Patnaik

CyCognito’s new certified integration with ServiceNow’s Configuration Management Database (CMDB) enhances asset visibility and streamlines management to bolster cybersecurity defenses. By synchronizing CyCognito assets with ServiceNow Configuration Items (CIs), the integration ensures that the CMDB remains current, enabling quicker assessment and response to potential threats. This integration is particularly valuable for organizations aiming to standardize asset management and security operations on the ServiceNow platform.

Read more about Optimizing Asset Management and Incident Response: CyCognito’s New Integration with ServiceNow CMDB
By Brittany Busa

I recently sat down with Daniel Schlegel, the Global Chief Information Officer (CIO), Chief Security Officer, and Chief Privacy Officer of Berlitz Corporation, a global leader in language training and cultural education, to hear about their transformative experience using CyCognito to gain global external attack surface visibility, reduce costs, and enhance their security posture.

Read more about A Recent Interview Uncovers How Berlitz Corporation Reduced Critical Alerts by 86% and Saved 100K with CyCognito
By Jason Pappalexis

The deadline for NIS 2 ends in October 2024: even though in many member states it will take longer for this directive to be cast into local law, many affected companies are already beginning to plan or implement the measures that suit them. CyCognito's comprehensive External Attack Surface Risk Management platform can accelerate the implementation of key components of the NIS 2 directive. This blog is fitting reading for anyone working to understand the NIS 2 requirements and looking for the fastest way to meet them.

Read more about What Is NIS 2 About?