CyCognito Blog
Posts tagged ‘Attack Surface Management’
Research
What Over 2 Million Assets Reveal About Industry Vulnerability
By Zohar Venturero
Data Scientist
July 15, 2025
We analyzed more than two million internet-exposed assets across cloud, on-prem, APIs, and web apps, discovered by our platform over the past 18 months. Using attacker-simulated testing, including black-box pentesting, dynamic application security testing (DAST), and active vulnerability scanning, we mapped how exploitable exposures cluster by industry and asset type. The results reveal systemic weaknesses in how organizations govern their digital perimeter, especially in environments shaped by rapid growth, third-party dependencies, and fragmented ownership.
Perspectives
The CISA Points Way Forward for More Effective Vulnerability Management with Directive 23-01
By Carrie Oakes
Was Sr. Director of Product Marketing
February 26, 2024
CISA’s proactive approach to cybersecurity is highlighted, focusing on two directives: BOD 22-01, which mandates agencies to consult the “Known Exploited Vulnerabilities Catalog,” and BOD 23-01, aimed at improving agency asset visibility and vulnerability detection. These directives emphasize asset discovery and vulnerability enumeration as crucial activities for risk reduction. CyCognito’s platform aligns with these directives by automating discovery, contextualizing assets, and prioritizing vulnerabilities based on attacker perspective, enabling organizations to efficiently close gaps in their attack surface management.
Products
API Detection with CyCognito
By Tim Matthews
Was Chief Marketing Officer
November 6, 2023
CyCognito Attack Surface Management (ASM) now offers the ability to discover APIs on an organization’s attack surface. Given the proliferation of APIs and their attractiveness to attackers, this capability is an important new tool for security teams. This post describes the issue and how CyCognito ASM solves it.
Research
It’s 10pm – Do You Know Where Your PII Is?
By Emma Zaballos
Product Marketing Manager
September 6, 2023
Have you ever wondered just how much the average external attack surface changes every month?
Perspectives
Vulnerability Prioritization: What to Consider
By Greg Delaney
Was a Senior Product Marketing Manager at CyCognito
August 24, 2023
Vulnerability prioritization is the process of identifying and ranking vulnerabilities in order to focus efforts on the most important vulnerabilities.
Perspectives
External Exposure Management: Key to Safeguarding Your Attack Surface
By Tim Matthews
Was Chief Marketing Officer
August 3, 2023
Manage the entire attack surface with external exposure management. Learn more about the key ways to safeguard your attack surface at CyCognito.
Perspectives
Rash of Breaches Hit Businesses in Australia Hard
By Tom Spring
Was a Media Manager at CyCognito
November 17, 2022
Recent spate of Aussie breaches spur huge fines to push security teams to tighten their external attack surface.
Research
Study: EASM Products Boost Security While Reducing Costs
By Tom Spring
Was a Media Manager at CyCognito
November 17, 2022
What is the economic impact of adding an External Attack Surface Management platform to your 2024 cybersecurity roadmap?
Perspectives
How to Get the Most out of Pen Tests
By Phillip Wylie
Was Hacker in Residence at CyCognito
March 30, 2022
Over the years, pen tests have increasingly become a mandated component of regulatory and compliance standards. The Payment Card Industry Data Security Standard (PCI DSS) requiring pentests be performed in card data environments (CDEs) grew this need for compliance-based pen testing.
Perspectives
Principles of Attack Surface Protection: Discover Everything
By Rob Gurzeev
CEO & Co-Founder
February 24, 2022
Imagine a cybersecurity team that is working hard with the usual tools and best practices. All seems on course for protecting the enterprise attack surface.
Topics
Search the Blog
Featured Posts
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Top Tags
CyCognito Research Report
State of External Exposure Management, Summer 2024 Edition
Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report
Moving from Vulnerability Management to Exposure Management
Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan
See Exactly What Attackers See
Get a Free Scan of Your Attack Surface
Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.