Co-Creator of Company That Shifts the Advantage of Surprise Away from Attackers, and in Favor of Security Pros, Named to 2019 Forbes Enterprise Technology Cohort.
PALO ALTO, CA, December 4, 2019 – CyCognito Inc., developers of innovation to eliminate the world’s shadow risk, today announced that CEO and Co-Founder Rob Gurzeev has been named to the Forbes “30 Under 30” List. The company recently introduced new innovation that enables enterprise organizations to locate and identify Internet-facing assets which they are otherwise unaware of, but which are readily identified by threat actors targeting them.
Rob and co-founder Dima Potekhin, CyCognito CTO, understood that cyber attackers typically have the upper hand when looking for weaknesses they can compromise, and use tools and techniques that easily outpace the legacy security solutions enterprises use. The Forbes 30 Under 30 team noted, “That experience taught them how attackers could exploit security blind spots, so they built CyCognito to perform continuous attack simulations that help organizations understand areas of weakness.”
“Security professionals deal every day with the fact that attackers need just a single blind spot for entry, while defenders have to guard everything, all the time. Attackers seek the ‘weakest zebra in the herd’ so to speak, and extract resources they can monetize before a victim organization knows it’s under attack,” Gurzeev said.
“The fact is that most organizations have many Internet-exposed pathways into their organization that they’re completely unaware of, and unable to protect,” Gurzeev said. “Threat actors breach those blind spots, using cheap, automated, and widely available scanning and exploitation capabilities, putting the organization’s business stability and important relationships at risk. This is galling.”
Gurzeev first approached Potekhin in 2016 with the idea of evaluating an organization’s attack vectors through the same sort of lens that attackers use, to build a solution that puts the power of wide Internet-scale reconnaissance into the hands of security professionals. Gurzeev and Potekhin thought: “What if we could shift the paradigm, and instead of deploying agents or instructing a port scanner to scan a few known IP ranges, we could actually identify which ‘zebras’ are at risk and which open pathways are most tempting to bad actors?” They looked to simulate an attacker's whole reconnaissance process, starting from step one, where the attacker knows only a target company’s name and has “compromise” as an objective. In 2017, they began to make this happen with the mission of protecting organizations from exploitation, using methods that were only being used by highly sophisticated threat actors.
Gurzeev said: “We looked to create a new class of solution to beat attackers at their own game. It’s heartening that from Day One on the CyCognito platform, customers are finding, assessing and closing these open pathways.”
“Rob’s technical genius and creativity, combined with methodical and strategic leadership, are integral to CyCognito’s innovation and the fact that we are defusing cyberattacks in a way that no one else has done before. But it’s his leadership, modesty and genuine warmth that shape CyCognito’s culture,” Potekhin said. “We’re enormously proud of Rob and delighted that Forbes recognizes him as one of the Forbes 30 Under 30 innovators.”
CyCognito was founded by veterans of national intelligence agencies who understand how attackers exploit blind spots that legacy approaches help create, and who recognized the need for a radical new approach to risk assessment. Its mission is to help organizations eliminate their most critical security risks, which are often unknown to them: assets and attack vectors that are part of the organization’s IT ecosystem but may not be managed by IT and security teams because they are in various cloud, partner, subsidiary and “abandoned” environments. Sophisticated attackers actively seek these assets, which create “shadow risk.”
Its next-generation security risk assessment platform enables Fortune 500 and other leading brands around the world to autonomously discover, enumerate, and prioritize their organization’s shadow risk based upon a global analysis of their external attack surface and the attack vectors that a real attacker would likely exploit. For more information, please visit cognito.com.
# # #