The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Case Study: Health Care

Human API Increases Security Effectiveness with CyCognito Platform

Attained continuous visibility into new assets and vulnerabilities within the ever-evolving attack surface

Empowered the security teams to rapidly identify, prioritize, and remediate critical issues

Gained comprehensive reporting used to support business case for adding additional resources

Security is paramount for Human API because their platform places a consumer at the center of managing their healthcare data and sharing their health data with doctors, labs, pharmacies, and other health care businesses.

Traditional assessments are point-in-time and, as a software company using Agile and DevOps methodologies, Human API understands very well that “security has to be a continuous process,” adds Bell.

The business challenge for Human API is how to deliver the highest levels of security with their limited security resources, while meeting customer expectations around legacy testing approaches.

Why CyCognito?

“The CyCognito platform helps us efficiently monitor security. There are thousands of threats out there; even an army of security staff can’t address them all. CyCognito helps us focus our efforts on what’s critical.”

Megan Bell
Chief Privacy and Security Officer

“We chose CyCognito because it delivers a continuous approach and focuses us on the critical security issues most likely to take place,” says Bell.

CyCognito helps Human API understand not just where they are potentially exposed, but provides them with an attack surface map showing them what assets and critical attack vectors are exposed. The clear prioritization and identification of risks by the CyCognito platform helps the security operations team be more efficient and get a greater return on investment from their security efforts.

“The CyCognito platform helps us efficiently monitor security. There are thousands of threats out there; even an army of security staff can’t address them all. CyCognito helps us focus our efforts on what’s critical,” says Bell.

Results

CyCognito platform benefits for Human API to-date include:

  • Continuous security assessment
  • Visibility to previously unknown threats
  • Helping the team quickly identify, prioritize and remediate critical risks
  • Prioritization of critical risks to be addressed
  • Validation that security controls are operating as expected
  • Information to help focus penetration testing
  • Data to support the business case for additional resources

One of the ways that Human API uses CyCognito is to validate security controls, configurations and thirdparty partners. The Human API IT ecosystem is cloud-based, and one of the benefits of today’s virtualized infrastructure is that a lot of security is built-in by default. But the model is also one of shared security responsibilities, and the enterprise owns proper configuration. “In these environments, dealing with a mountain of configurations is challenging, and misconfigurations can be a primary source of vulnerability,” says Bell.

The CyCognito platform provides Human API with new insights, identifying risks not previously been known or examined, including risks with third-party partners. Those findings have helped facilitate conversations with third-party providers about the security of their interactions.

“The CyCognito platform helps my team be more efficient because we are working from our threats to the specific assets,” says Bell. “It delivers a first line of understanding of what needs to be considered and evaluated and possibly mitigated and/or remediated. Otherwise, we could be chasing corner cases all day.”

“The CyCognito platform helps me figure out how to distill an overwhelming amount of information and determine what is a risk for our business.”

Megan Bell
Chief Privacy and Security Officer

Another use case for CyCognito at Human API is to set the context for penetration testing, which improves the benefit and quality of penetration testing. Bell notes, “There are thousands of risks and threat vectors for any organization small or large, and the challenge is to knowwhat’s most likely to be targeted.” Penetration tests don’t give you that. And, they don’t provide the continuous view needed for security operations; they provide a point-in-time snapshot. According to Bell, the question becomes, “How does one tailor a pen test? You cannot reasonably cover everything. Using CyCognito to understand the risks that are present informs how to scope a pen test and even select the methodologies.”

And Bell says that the clear identification of risks and priorities helps her justify requests for additional resources. “The information CyCognito provides helps us prioritize our investments,” Bell says, “and that’s always a good thing.”

Customer Profile

Human API empowers consumers by providing a simple but secure way to access and share their health data.

Organization's Security Goals
  • Continuous security assessment to match the continuous DevOps software development process
  • A risk-based approach to vulnerability management to identify where to focus security resources and optimize their impact
  • To raise the bar for attackers
Download the PDF

Human API Increases Security Effectiveness with CyCognito Platform

Health Care Case Study

“The CyCognito platform helps us efficiently monitor security. There are thousands of threats out there; even an army of security staff can’t address them all. CyCognito helps us focus our efforts on what’s critical.”

Address gaps proactively.

According to the Verizon Data Breach Investigations Report, 83% of cyberattacks occur through external attack vectors.

The CyCognito platform reveals more of your external attack surface than you were aware of previously. Most customers see at least 30% more. Our platform also tests more of your attack surface than you did before, so you can eliminate the gaps that attackers target and protect your entire attack surface.

83%
of cyberattacks occur
through external attack vectors