{"id":432,"date":"2019-11-19T18:01:00","date_gmt":"2019-11-19T18:01:00","guid":{"rendered":"https:\/\/www.cycognito.com\/blog\/?p=432"},"modified":"2024-01-22T08:46:06","modified_gmt":"2024-01-22T16:46:06","slug":"news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform","status":"publish","type":"post","link":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/","title":{"rendered":"Beating Attackers at Their Own Game &#8211; Preventing Cybercrime"},"content":{"rendered":"\n<h5 class=\"wp-block-heading\">Automating Offensive Security Processes to Discover and Defend the Attack Surface<\/h5>\n\n\n\n<p>The CyCognito journey began with a keen awareness that in the battle against cybercrime, attackers often have the upper hand. They need to find any weak spot, the \u201cweakest zebra in the herd\u201d so to speak, while security teams must defend every possible point of entry in an&nbsp;<a href=\"\/learn\/attack-surface-discovery.php\">always changing attack surface<\/a>. To compound the problem, most organizations have potential points of entry unseen by security teams, but easily discoverable by threat actors.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Key Problems Facing Security Teams Today<\/h2>\n\n\n\n<p>While the security tools that organizations rely on, and spend most of their budget on, haven\u2019t fundamentally changed in the last 25 years, the enterprise IT they need to protect has. Exposure levels and the global threat context have changed significantly too. Consider that:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Organizations have expanded and broadly diversified their IT resources on-premises and in the cloud, making continuous monitoring and timely mitigation much more difficult.<br><\/li>\n\n\n\n<li>Current solutions, designed when companies had only a few servers connected to the internet, rely on user input and configuration and leave unprotected the broad swath of newer assets that organizations use, but likely aren\u2019t managing themselves, including third-party IT assets, cloud resources, and subsidiaries\u2019 IT environments.<br><\/li>\n\n\n\n<li>Threat actors are using offensive scanning and exploitation capabilities that are cheaper, more automated, and widely available.<br><\/li>\n\n\n\n<li>Cybercrime can be an attractive occupation, especially in countries where the median monthly income is less than $500 per month.<\/li>\n<\/ul>\n\n\n\n<p>Attackers have very specific goals \u2013 money or information \u2013 and they always look for the path of least resistance making the task of\u00a0<a href=\"\/blog\/vulnerability-scanners-are-no-match-for-modern-threats\/\">preventing cybercrime<\/a>\u00a0seem impossible. They are drawn to the opportunities that\u00a0<a href=\"\/blog\/vulnerability-scanners-are-no-match-for-modern-threats\/\">legacy tools and manual procedures ignore:<\/a>\u00a0unmanaged and unknown assets.<br><br>With this context, my co-founder, Dima Potekhin, and I thought: \u201cWhat if we could shift the paradigm, and instead of deploying agents or instructing a port scanner to scan a few known IP ranges, we could actually identify which \u2018zebras\u2019 are at risk and which open pathways are most tempting to bad actors?\u201d We looked to simulate an attacker&#8217;s whole offensive operation, starting from step one, where the attacker knows only a target company\u2019s name and has \u201ccompromise\u201d as an objective.<br><br>In 2017, we began to make this happen with the mission of protecting organizations from exploitation, using methods that were only being used by highly organized, well-funded nation-state actors.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">A Better Approach \u2013 A Large-Scale, Highly Robust Reconnaissance Process for \u201cOffensive Security\u201d<\/h2>\n\n\n\n<p>From our national intelligence agency experience, we knew attackers easily succeeded when security teams had visibility gaps and were unable to map and manage their organization\u2019s assets. That\u2019s when sensitive business assets on internal networks, in the cloud, and on&nbsp;partner or subsidiary networks get exposed or forgotten.<br><br>Attacks on those exposed elements can quickly spiral into a nightmare situation because they often include pathways to payment mechanisms (exposing customer credit card data), DevOps components (exposing source code and keys), intellectual property, and third-party gateways (exposing access to other companies\u2019 internal networks). Once those exposed assets are breached, they put business stability and important relationships at risk.&nbsp;<br><br>To allow security teams to understand what\u2019s exposed, and the paths of least resistance, we committed ourselves to developing a platform that could deliver large-scale automation of the whole reconnaissance process, a process that can take an attacker weeks, if not months, to run per organization. Performing that reconnaissance quickly would neutralize 99% of potential attack vectors \u2013 or at least make them very costly and complex \u2013 and performing that at a massive scale, for thousands of organizations, would change the dynamics for attackers and for the security products market.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Finding the Unknown and Unmanaged Assets<\/h2>\n\n\n\n<p>To find and map unknown and unmanaged assets, we built one of the biggest botnets in operation today, which scans and gathers data from 3.5 billion servers and connected devices. Our platform gathers dozens of fingerprints per asset and builds a graph data model with this massive volume of data to create a unique and powerful attack surface map for an organization that includes the business classification or context of each asset. This gives security professionals a deeper understanding of an organization\u2019s true risks and provides far more detail and insight than port scanners \u2013 which only gather two to three data points per asset, show a one-dimensional perspective using IP addresses, and do not understand business context.<\/p>\n\n\n\n<p>In the graph data model our platform creates, every node and asset have the full context of other assets in the same environment, the assets connected to it, and the types of data those assets expose. Our&nbsp;<a href=\"\/learn\/attack-surface-discovery.php\">attack surface graph provides entirely new levels of visibility<\/a>&nbsp;and prioritization, enabling organizations to decrease the number of critical attack vectors that security teams need to focus on.<\/p>\n\n\n\n<p>In this way, an organization\u2019s entire ecosystem is revealed for the first time, including those assets that have long been exposed as attractive conduits for malicious exploitation. Stressed-out security teams suddenly have new control to identify, prioritize and eliminate the critical blind spots that legacy solutions have failed to see. As a result, attackers are denied the easy access that they seek. And then, they are likely to move on in search of easier \u201cprey.\u201d And Dima and I say, \u201cMission accomplished.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CyCognito&#8217;s nation-state-grade reconnaissance platform prevents cybercrime by gathering dozens of fingerprints per asset and using graph data modeling.<\/p>\n","protected":false},"author":18,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[6,9],"class_list":["post-432","post","type-post","status-publish","format-standard","hentry","category-perspectives","tag-attack-surface-management","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog\" \/>\n<meta property=\"og:description\" content=\"CyCognito&#039;s nation-state-grade reconnaissance platform prevents cybercrime by gathering dozens of fingerprints per asset and using graph data modeling.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\" \/>\n<meta property=\"og:site_name\" content=\"CyCognito Blog\" \/>\n<meta property=\"article:published_time\" content=\"2019-11-19T18:01:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-01-22T16:46:06+00:00\" \/>\n<meta name=\"author\" content=\"Rob Gurzeev\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Rob Gurzeev\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\"},\"author\":{\"name\":\"Rob Gurzeev\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/d5cdeba13fde783ae5ebf80d0765b679\"},\"headline\":\"Beating Attackers at Their Own Game &#8211; Preventing Cybercrime\",\"datePublished\":\"2019-11-19T18:01:00+00:00\",\"dateModified\":\"2024-01-22T16:46:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\"},\"wordCount\":891,\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"keywords\":[\"Attack Surface Management\",\"Cybersecurity\"],\"articleSection\":[\"Perspectives\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\",\"name\":\"Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\"},\"datePublished\":\"2019-11-19T18:01:00+00:00\",\"dateModified\":\"2024-01-22T16:46:06+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.cycognito.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Beating Attackers at Their Own Game &#8211; Preventing Cybercrime\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#website\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"name\":\"Cycognito Blog\",\"description\":\"Research, Product News and Latest Updates\",\"publisher\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#organization\",\"name\":\"Cycognito\",\"url\":\"https:\/\/www.cycognito.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"contentUrl\":\"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png\",\"width\":1720,\"height\":550,\"caption\":\"Cycognito\"},\"image\":{\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/d5cdeba13fde783ae5ebf80d0765b679\",\"name\":\"Rob Gurzeev\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/188f9b5d63c82a731809f453b8cc26f8?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/188f9b5d63c82a731809f453b8cc26f8?s=96&d=mm&r=g\",\"caption\":\"Rob Gurzeev\"},\"description\":\"CEO &amp; Co-Founder\",\"url\":\"https:\/\/www.cycognito.com\/blog\/author\/rob-gurzeev\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/","og_locale":"en_US","og_type":"article","og_title":"Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog","og_description":"CyCognito's nation-state-grade reconnaissance platform prevents cybercrime by gathering dozens of fingerprints per asset and using graph data modeling.","og_url":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/","og_site_name":"CyCognito Blog","article_published_time":"2019-11-19T18:01:00+00:00","article_modified_time":"2024-01-22T16:46:06+00:00","author":"Rob Gurzeev","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Rob Gurzeev","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#article","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/"},"author":{"name":"Rob Gurzeev","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/d5cdeba13fde783ae5ebf80d0765b679"},"headline":"Beating Attackers at Their Own Game &#8211; Preventing Cybercrime","datePublished":"2019-11-19T18:01:00+00:00","dateModified":"2024-01-22T16:46:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/"},"wordCount":891,"publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"keywords":["Attack Surface Management","Cybersecurity"],"articleSection":["Perspectives"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/","url":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/","name":"Beating Attackers at Their Own Game - Preventing Cybercrime | CyCognito Blog","isPartOf":{"@id":"https:\/\/www.cycognito.com\/blog\/#website"},"datePublished":"2019-11-19T18:01:00+00:00","dateModified":"2024-01-22T16:46:06+00:00","breadcrumb":{"@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.cycognito.com\/blog\/news-release-beating-attackers-at-their-own-game-by-building-a-nation-state-grade-reconnaissance-platform\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.cycognito.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Beating Attackers at Their Own Game &#8211; Preventing Cybercrime"}]},{"@type":"WebSite","@id":"https:\/\/www.cycognito.com\/blog\/#website","url":"https:\/\/www.cycognito.com\/blog\/","name":"Cycognito Blog","description":"Research, Product News and Latest Updates","publisher":{"@id":"https:\/\/www.cycognito.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.cycognito.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.cycognito.com\/blog\/#organization","name":"Cycognito","url":"https:\/\/www.cycognito.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","contentUrl":"https:\/\/www.cycognito.com\/blog\/wp-content\/uploads\/logo-1720x550-1.png","width":1720,"height":550,"caption":"Cycognito"},"image":{"@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/d5cdeba13fde783ae5ebf80d0765b679","name":"Rob Gurzeev","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.cycognito.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/188f9b5d63c82a731809f453b8cc26f8?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/188f9b5d63c82a731809f453b8cc26f8?s=96&d=mm&r=g","caption":"Rob Gurzeev"},"description":"CEO &amp; Co-Founder","url":"https:\/\/www.cycognito.com\/blog\/author\/rob-gurzeev\/"}]}},"_links":{"self":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/432","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/users\/18"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/comments?post=432"}],"version-history":[{"count":4,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/432\/revisions"}],"predecessor-version":[{"id":672,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/posts\/432\/revisions\/672"}],"wp:attachment":[{"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/media?parent=432"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/categories?post=432"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cycognito.com\/blog\/wp-json\/wp\/v2\/tags?post=432"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}