IT security teams are well aware their organizations are under constant attack. Reconnaissance scans and initial access attempts – logged nearly every day on heavily monitored web servers, SSH gateways and VPN gateways – are harsh reminders of exposure and risk.
Despite eradication efforts, Log4j continues to haunt large corporations eight months after the critical vulnerability was discovered.
Russian cyberattacks, Log4J and compliance top the list of concerns for Anne Marie Zettlemoyer, CyCognito’s new Chief Security Officer (CSO).
We’ve seen across our customers that the typical attack surface changes by one to three percent every day.
While some organizations may be fine with an ASM solution that automatically bundles in pen testing, for more companies I think CyCognito, supplemented with a dedicated pen testing team, is a better solution.
Mergers and acquisitions, poorly managed web apps and insecure PII represent biggest risks tied to external attack surfaces in 2022.
At CyCognito, our mission is to help organizations protect themselves from even the most sophisticated attackers. We can’t do that unless we ourselves maintain the highest standards of security. That’s why we’re pleased to announce that CyCognito has achieved SOC 2 Type 2 accreditation.
“Bad news, early” is a common business mindset designed to communicate urgency behind the need to identify small problems before they become big problems.
On May 4th, 2022, F5 announced their internal discovery of a remote code execution (RCE) vulnerability, CVE-2022-1388, that affects all firmware versions of their BIG-IP product.
NIST assigned Spring4Shell a score of 9.8, most likely out of concern of a similar blast radius to Log4Shell, which was trivial to exploit and very common.
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.