Enable your security and operations teams to proactively identify, prioritize, and remediate exposures to stay ahead of attackers.
Watch a Demo
The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you. More...
The CyCognito platform helps you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface.
Download CyCognito’s State of External Exposure Management Report to learn key recommendations that your Security teams can implement to improve their exposure management strategy and minimize risk. More...
External attack surface management is advancing cybersecurity into a new era. Learn how security experts across all industries benefit from using CyCognito’s platform.
Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...
We believe all organizations should be able to protect themselves from even the most sophisticated attackers.
Contact usA cyber kill chain is a series of 7 stages that model the primary actions conducted in a cyberattack. Lockheed Martin developed the cyber kill chain model in 2011 to help cyber defenders identify and prevent the steps of an attack. Other organizations have slightly different models and critics have noted that attackers increasingly flout the cyber kill chain model, but there is broad agreement that organizations should always strive to eliminate potential threats as early as possible in the cyber kill chain.
Another model for the cyber kill chain is the MITRE ATT&CK framework which provides a detailed list of tactics and techniques attackers will use.
The seven phases of the Lockheed Martin model are: reconnaissance, weaponization, delivery, exploitation, installation, command & control, and actions on objectives. An attacker conducts reconnaissance by probing for security gaps themself (or can purchase reconnaissance services / results as well). Once a weak point has been identified, the attacker moves to the weaponization phase and develops (or purchases) a weapon to exploit it, such as a virus or zero-day. In the delivery phase, the weapon is launched, for example, by email, delivering an infected USB key, via cross site scripting, or accessing a system remotely. Once the target is exploited, the attacker can install tools to maintain access, execute actions remotely, cover their tracks, and gather data. During command and control and actions on objectives, data may be exfiltrated, other systems targeted and, in the case of ransomware, data may be encrypted to get a “double” extortion: First by selling data or access to criminals and then by having the victim(s) pay for access to their own systems and data.
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure.
Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. Based in Palo Alto, CyCognito serves a number of large enterprises and Fortune 500 organizations, including Colgate-Palmolive, Tesco and many others.
For more information, follow us on Twitter @cycognito.
Privacy Policy Terms of Service Sitemap