CyCognito Announces Next-Generation Platform to Eliminate Shadow Risk, Addressing a Fundamental Security Gap

CISOs Cite Need for Platform That Continuously Maps, Prioritizes and Guides Remediation of Unknown, Unsecured Conduits

Palo Alto, California – November 19, 2019

CyCognito Inc., developers of innovation to eliminate the world’s shadow risk, today introduced the CyCognito platform with important new capabilities that enable organizations to fully identify and assess their attack surface. The CyCognito platform continuously analyzes 3.5 billion internet-exposed assets and maps them to thousands of organizations, which has yielded some eye-opening research. Organizations report that they were effectively blind to as many as 75% of their assets prior to using the CyCognito platform.

The platform maps all Internet-exposed assets in an organization, determines their business context (i.e., relevance), detects and prioritizes attack vectors, and recommends remediation steps. It is the first platform to fully expose and map the organization’s entire attack surface, including assets that organizations don’t manage and may not even know exist, but that are readily identified by bad actors targeting the business, including assets that are part of third-party, partner and subsidiary environments. The CyCognito platform uses a unique reconnaissance process supported by a 60,000+ node botnet that surveils assets from multiple locations around the world, at multiple intervals, undetectably and non-intrusively, to reveal the full extent of the attack surface, including critical vectors that other solutions miss. Important new features in the platform enable customers to better avoid being breached due to their shadow risk, and further advances the platform’s unique ability to connect assets and their data with their business purpose and risk factors.

Newly added features include:

• The ability to automatically discover and associate all of the systems comprising a web application – including web servers, databases, load balancers, etc., which reveals the business purpose of these assets, thereby highlighting the impact a compromise of the assets would have.
• New workflow integration features, including role-based access control to ensure differentiated access based on a user’s scope of responsibility.
• An application programming interface (API) for integrating into existing workflows.

“I want as much visibility as possible to understand what is going on in my network and systems. The last thing I want is finding out from a customer, law enforcement official, or other external party that we have an attacker. If I understand my risks, then I can manage them. Most of the time, it is the unknown “shadow risks” that kill you. That could be a forgotten server or cloud environment that goes unmanaged. Eliminating the unknowns is critical because that is where most attackers will go first,” said James Christiansen, Vice President, Chief Information Security Officer, Teradata.

“The rise of shadow IT and the democratization of computing through increasingly flexible cloud computing options too often leave information security professionals in the dark when it comes to understanding their organization’s biggest cyber risks. Conventional risk discovery and assessment tools and practices haven’t kept pace with these changes, nor have they kept up with the changing threat landscape, leaving enterprises unwittingly exposed to attack. Borrowing a page from the darknet’s rent-a-botnet mode of operation allows infosec professionals to see their organization’s digital assets from a cyber criminal’s point of view to better shore up their defenses,” said Paula Musich, Security and Risk Management Research Director at Enterprise Management Associates.

“Security professionals understand all too well that attackers need just a single blind spot for entry, while defenders have to guard everything, all the time. Unfortunately, the legacy security approaches that are still being used to attempt to detect and pinpoint security risks are completely inadequate for the job,” said CyCognito CEO and Co-Founder Rob Gurzeev. “This is because these legacy solutions were designed 20+ years ago to protect a few servers connected to the internet. Today, these tools either neglect or are completely blind to half of the modern IT ecosystem of the average organization. Our customers inform us that the CyCognito platform quickly surfaced their shadow risk, the open conduits into their organization that their teams hadn’t seen.”

“Most organizations have expanded and broadly diversified their IT resources on-premises and in the cloud, making continuous monitoring and timely mitigation extremely challenging,” said Dima Potekhin, CyCognito CTO and Co-Founder. “The inspiration for the CyCognito platform was the realization that the explosive growth in the numbers of threat actors and the sophistication of their tools has leapfrogged the capabilities of legacy security solutions and most of today’s enterprises, even those who are highly security aware.”

Availability

The CyCognito platform has only been available to select large enterprise customers, and the newly released version is now generally available.

Additional Resources

• Founder’s Blog Post: Beating Attackers at Their Own Game
• Founder’s Blog Post: Creating Cyber-reconnaissance
• Investor Perspective: Arif Janmohamed, Partner at Lightspeed Venture
• CyCognito Research Blog: Organizations Are Blind to Attacker-Exposed Assets
• Platform Update: Increased Attack Surface Visibility and Security Workflows