Demo of the CyCognito Platform

See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. 

 
State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. 

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

 
Company

Security Weekly Interview: What’s Holding Attack Surface Management Back?

Lisa-Bilawski
By Lisa Bilawski
Was Director of Content Marketing at Cycognito
September 1, 2021

Attack Surface Management: What’s the mystery?

The concept of the attack surface is almost as old as cybersecurity itself. So why do so many companies still struggle with attack surface management? Why is what should be a foundational element of any good security program so often an afterthought, if thought about at all?

It’s not like the challenge of protecting an organization is getting any easier. Quite the opposite: the rise of the cloud and remote work means that networks have become far more complex, with thousands or even millions of assets exposed to the internet. As a result, organizations don’t know what they don’t know, creating blind spots in protection that can be leveraged by attackers.

The issue is that the security industry, by and large, continues to evolve incrementally, leaving it years behind other areas of the tech industry like Google and AWS, and even further behind sophisticated, ever-evolving cybercriminals. Why? Because the technology required to solve the challenge of attack surface management was until recently cost-prohibitive, in addition to being difficult to scale for most organizations.

Why attack surface monitoring needs to run across the entire infrastructure

However, that’s no longer the case. In an interview with Security Weekly, CyCognito CEO Rob Gurzeev explains that the technology now exists to ensure effective attack surface management. It’s now up to CISOs to understand the risks and adopt tools that are up to the task of properly managing the attack surface.

“No combination of network port scanners, CVE scanners and the like can solve the problem,” he said. “You have to leverage technologies like NLP and machine learning to automatically, at scale, find third-party components, your subsidiary’s assets and the millions of assets you’ve got around the world and contextualize the risk.”

During this wide-ranging discussion, Rob shares valuable insight into why attack surface monitoring needs to run across the entire infrastructure – not just open ports – so you can find the exploitable assets that create the greatest risk before a potential attacker gets the chance. You’ll also get to hear directly from Rob about why and how the CyCognito platform was designed to take the perspective of an attacker so you can get the complete external attack surface visibility you need to prioritize risks and accelerate remediation. Click the link above to hear Rob!


Topics



Search the Blog



Recent Posts








Top Tags



CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.

O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.

Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.