Now Available - Forrester Report: The Total Economic Impact™ Of The CyCognito Platform
Palo Alto, Calif. — CyCognito, the leader in external attack surface management and attack surface protection, today announced new research that shows while organizations invest significantly and rely heavily on penetration testing for cyber security, the widely used approach doesn’t accurately measure their overall security posture orbreach readiness — the top two stated goals among security and IT professionals. The research, conducted by Informa Tech, surveyed enterprises with 3,000 or more employees and found that 70 percent of organizations perform penetration tests as a way to measure their security posture and 69 percent to prevent breaches, yet only 38 percent test more than half of their attack surface annually.
Many organizations are conducting penetration tests to detect and mitigate threats yet remain dangerouslyvulnerable. CyCognito’s research shows that when using penetration testing as a security practice organizations lack visibility over their Internet-exposed assets, resulting in blind spots that are vulnerable to exploits and compromise. Just as locking the front door of a house but leaving the back door and windows unlocked creates an attractive target, attackers will naturally focus on those IT assets organizations leave untested.
Top findings include:
“Security testing should tell organizations what attackers are able to see and exploit so that defenders can prevent breaches. But when companies are only able to see assets they already know about, test just a portion of their attack surface, and do that only a few times per year, preventing breaches isn’t possible. So, the biggest takeaway from this report is that what organizations want or are hoping to achieve through pen testing versus what they actually are accomplishing are two very different things,” said Rob Gurzeev, CEO and co-founder of CyCognito. “There is very limited value in testing only a portion of your attack surface periodically. Unless you are continuously discovering and testing your entire external attack surface, you don’t have an overall understanding of how secure your organization is. If there is a path of least resistance, attackers will find it, and find a way to exploit it.”
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.