CISA’s proactive approach to cybersecurity is highlighted, focusing on two directives: BOD 22-01, which mandates agencies to consult the “Known Exploited Vulnerabilities Catalog,” and BOD 23-01, aimed at improving agency asset visibility and vulnerability detection. These directives emphasize asset discovery and vulnerability enumeration as crucial activities for risk reduction. CyCognito’s platform aligns with these directives by automating discovery, contextualizing assets, and prioritizing vulnerabilities based on attacker perspective, enabling organizations to efficiently close gaps in their attack surface management.
Networking equipment vendor Juniper Networks recently exposed current and former customer information due to a Salesforce misconfiguration. While incidents like these can give attackers valuable data and footholds into your network, leveraging exposure management best practices and processes can help organizations mitigate these risks.
There are three approaches to External Attack Surface Management (EASM) for securing complex and evolving attack surfaces in modern organizations. Each has its own set of considerations, including the limitations of traditional methods and the resource-intensive nature of human reconnaissance, which clearly underscore the benefits of an automated and comprehensive EASM solution like CyCognito.
Two security issues affecting the popular Ivanti Connect Secure and Ivanti Policy Secure remote access SSL VPN systems can be chained together to give unauthenticated attackers remote access to critical systems. CyCognito’s active testing protects our current customers and delivers key insights about these vulnerabilities in the CyCognito platform.
Axonius and CyCognito, working together, provide a broad picture of risk based on internal and external intelligence allowing mutual customers to efficiently prioritize threats based on their potential for real-world exposure.
An accurate external asset inventory forms the foundation for reduced exposure and risk. CyCognito’s unique approach to organizational reconnaissance, asset discovery, and contextualization provides IT Security teams with meaningful information that reduces time to remediation.
Cyber Monday is right around the corner and millions of consumers will flock to ecommerce websites in search of the best deals. But can shoppers be assured that the sites they do business with are secure and compliant? Before and during the holiday shopping season, retailers need to ensure that ecommerce websites with missing WAFs, cryptographic vulnerabilities, or easily exploited critical issues.
Generative AI is a form of artificial intelligence that generates new content –including text, images, and video – in response to user prompts. These AI models are trained on huge volumes of data and use algorithms to create content that has a similar structure to their training data
CyCognito Attack Surface Management (ASM) now offers the ability to discover APIs on an organization’s attack surface. Given the proliferation of APIs and their attractiveness to attackers, this capability is an important new tool for security teams. This post describes the issue and how CyCognito ASM solves it.
