The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
GigaOm Radar for Attack Surface Management

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  

Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. 

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Research

The Biggest Security Nightmares from 2023 and How They Could Ruin Your 2024

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
May 15, 2024

It feels like the number of security issues affecting vital internet-exposed assets is never-ending. No one can predict the next big vulnerability. But exposure management techniques can help prepare your organization for a wide range of issues by identifying, validating, and mobilizing your response to emerging threats. These processes also include validating fixes and issues, a well-documented mobilization process, and automatic scanning for high value assets. 

Here are five types of issues that security teams should be aware of, along with exposure management solutions that can mitigate those risks.   

The Cracked Safe: MOVEit

Issue: A SQL injection vulnerability affecting MOVEit Transfer’s secure file transfer protocol (SFTP) web application (CVE-2023-34362) exposed data for thousands of organizations even after the patch was introduced in June 2023. Our research indicates that over 50% of attempted patches require multiple rounds of validation before the patch is successful, often because of incomplete or inaccurately followed remediation instructions. If organizations are not automatically validating fixes, sensitive assets may be left unpatched for months or years.

Solution: Because remediation processes can be complex and evolve as new details about issues are discovered, organizations must automate the remediation review process in order to maintain pace. 

The Zombie: Log4J

Issue: Even though CVE-2021-44228 was first identified in 2021, some organizations still haven’t patched this remote code execution (RCE) vulnerability. CyCognito found that 2% of organizations still have assets vulnerable to Log4J. The average organization took 24 days to remediate this vulnerability. 

Solution: Unpatched assets linger on the attack surface for two primary reasons: lack of awareness of the asset and poor internal processes for fixing issues. Security teams must develop automated processes to identify all assets and then to mobilize fixes on the most important issues. Without it, they will find themselves falling victim to these zombie vulnerabilities long after they’re out of the news. 

The Open Door: CitrixBleed

Issue: Thousands of servers around the world remain vulnerable to the CitrixBleed vulnerability, CVE-2023-4966, sometimes even after patches were applied. Affiliates of the Ransomware-as-a-Service group Lockbit 3.0 and AlphV/BlackCat have leveraged this vulnerability to compromise Fortune 100 organizations and financial institutions, stealing data and encrypting files. 

Solution: Vulnerabilities with this level of impact require targeted threat intelligence to stay informed as the situation evolves, as well as processes that validate if attempted fixes were successful. 

The Treasure Trove: DarkBeam

Issue: An unprotected Elasticsearch and Kibana interface belonging to the digital protection company DarkBeam exposed over 3.8 billion records of personally identifiable information (PII) in September 2023, including hundreds of millions of login credentials. Our research indicates that 7% of web apps contain PII fields and could potentially expose PII .  

Solution: Automatically scanning for forgotten or unmonitored interfaces that lack password protection or contain PII can identify these types of treasure troves as soon as they’re exposed. 

Weak Link in the Supply Chain: Juniper Networks

Issue: When Juniper Networks misconfigured their Salesforce installation, they not only exposed their own data, but also put their customers’ data at risk. This error allowed attackers to identify device and support contract information for organizations that were no longer Juniper customers but still had active devices, indicating that those devices were no longer receiving security updates. 

Solution: Organizations must be able to quickly mobilize in response to security issues that affect not only themselves but also their third party suppliers or their third party’s third party. Security teams also need prompt awareness of devices that are no longer receiving security updates so that they can be taken offline or otherwise protected from attackers. A well-implemented mobilization process reduces friction between impacted IT security teams and accelerates MTTR.

Take Action

Comprehensive exposure management requires continuous monitoring for new assets and actively testing vulnerabilities that could put your organization at risk.

As the catalog of vulnerabilities grows, security teams must use systemic processes to stay ahead of attackers. Continuous monitoring of assets, networks, and systems allows vulnerabilities to be swiftly identified and remediated, while integrated validation and context foster collaboration between security analysts, IT teams, and stakeholders. 

CyCognito is an exposure management platform that reduces risk by discovering, testing and prioritizing security issues. The platform tests billions of websites, cloud applications and APIs and uses advanced AI to identify the most critical risks and guide remediation. Emerging companies, government agencies and Fortune 500 organizations rely on CyCognito to secure and protect from growing threats. For more information, visit cycognito.com/demo.


Topics





Recent Posts








Top Tags



CyCognito Research Report

State of External Exposure Management

State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk.

Dummies Book

External Exposure & Attack Surface Management For Dummies

External Exposure & Attack Surface Management For Dummies

As your attack surface has grown to cloud infrastructures and across subsidiaries, attackers are looking for and finding unknown and unmanaged assets to serve as their entry points.

Interactive Demo

Ready to Rule Your Risk?

Request a personalized walkthrough of the CyCognito platform to see how we can help your company identify all its internet-exposed assets, focus on which are most vulnerable to attacks, and accelerate your time to remediating critical risks.