The Platform

Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.

Watch a Demo
Products Overview Attack Surface Management Automated Security Testing Exploit Intelligence
Features How It Works Discovery Contextualization Active Security Testing Prioritization Remediation Acceleration
GigaOm Radar for Attack Surface Management 2024

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  More...

Use Cases

The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.

Real World Solutions Assess Your Security Effectiveness Evaluate Merger & Acquisition Risk Manage Your Attack Surface
  Monitor Subsidiary Risk Prioritize & Eliminate Attack Vectors Scale Your Pen Testing Simplify Compliance Initiatives
State of External Exposure Management

Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. More...

Our Customers

External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.

Meet Our Customers Customer Overview Customer Stories Asklepios Ströer Human API Scientific Games
Current Customers Customer Testimonials Customer Videos Customer Support Customer Login Knowledge Base
The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...

About CyCognito

We believe all organizations should be able to protect themselves from even the most sophisticated attackers.

Contact us
Company About Us Leadership Team Careers Privacy and Trust
News Latest News Press Releases Media Coverage Events Awards
Partners Partner Program Resellers, MSPs & Systems Integrators Technology Alliance Partners
  Partner Training Sales Training Technical Bootcamps Become a Partner Partner Login
Resources

The knowledge you need to manage and protect your attack surface.

What's New Blog
Resources Research Reports White Papers + eBooks Solution Briefs Datasheets Webinars Videos
Learning Center Application Security Attack Surface Exposure Management Vulnerability Assessment Vulnerability Management
EASM 101 External Attack Surface Management Attack Surface Management Attack Surface Discovery
  Attack Surface Protection Attack Surface Reduction Security & Compliance Glossary

Hacker Economy

The hacker economy has emerged as a multi-billion dollar criminal industry formed by individual and organized hacking networks.

Hackers use a variety of methods to extort, steal, and defraud targeted institutions as well as individuals, including:

  • Direct ransomware - threat attackers utilize ransomware to encrypt systems and data. They hold the ability to unlock the systems as hostage for ransom, usually in the form of relatively untraceable cryptocurrency like Bitcoin.
  • Supply-chain ransom - when a threat actor has stolen data or gained privileged access to threaten the disclosure as ransom against affected parties.
  • Selling malware - a B2B/B2C solution selling malware to other hackers. This is growing as a highly developed and advanced black market operation. Learn more about commonly used techniques on MITRE ATT&CK's malware page.
  • Selling access - a B2B/B2C solution selling credentials to other hackers. Learn more about purchasing technical data from MITRE ATT&CK.
  • Selling credit card numbers or personally identifiable information (PII) - these are used to set up fraudulent personas for committing crime or espionage.
  • Automated phishing software-as-a-service - developed and sold on the darkweb to improve the efficiency of phishing operations.
  • Infiltrating financial accounts - using details from compromised financial accounts to appropriate funds for purchasing stocks. This is often done to raise the price of a stock and sell them for profit.
  • Cryptojacking - malware is inserted on a victim's system(s) to surreptitiously lend computational processing to a crypto-mining operation.
  • Botnet/DDOS for hire - a B2B/B2C SaaS operation where systems that have been compromised by hackers called ‘bot herders’ are rented out as a service to other hackers to be used for nefarious purposes. Learn more about botnet techniques on botnet techniques from MITRE ATT&CK.
The hacker economy is more than just the hackers trying to attack and infiltrate sites and systems. It’s also the SaaS and B2B market that has grown to support hacking operations due to the high return on investment.

See Also