What’s Happening in the Attack Surfaces Market: Mitigating Threats in the Cloud Age


For an increasing number of organizations, the explosion of attack surfaces has reached uncontrollable levels during the COVID-19 pandemic and the widespread adoption of cloud services. In fact, research shows that 7 in 10 organizations have been compromised by an unknown or unmanaged asset.

As remote working has become more popular during the pandemic, environments spanning on-premises and cloud infrastructure have expanded enterprises' attack surfaces to the point where they cannot be secured with traditional IT security approaches alone.

One of the key challenges in the explosion of the attack surface is that organizations find it difficult to identify exposed assets, and thus fail to address the software vulnerabilities in them.

“Internet-facing assets on the attack surface may have software vulnerabilities or be misconfigured, while user/administrator credentials may be stored in plaintext. Cyber attackers use automated tools to scan for these vulnerabilities and can then exploit them for exploitation as part of cyber attacks,” said Jon Oltsik, Senior Principal Analyst and ESG Fellow.

The Attack Surface Management Market

As more organizations struggle to keep up with the increasing attack surface, many providers, such as CyCognito, Randori and NetSPI, are emerging with attack surface management (ASM) solutions that automate the discovery of these exposed assets.

As Gartner Senior Principal Analyst Mitchell Schneider suggests, ASM platforms can “help answer questions such as ‘what does my organization look like from an attacker’s point of view? Based on that, where should I prioritize my resources in mitigating/remediating issues attackers are most likely to exploit?’”

In other words, they provide the user with a continuous view of the infrastructure throughout the environment and of any exposure to external threats.

These solutions sit loosely in the vulnerability management market, which researchers expect to reach a valuation of $2.51 billion by 2025 as organizations look for scalable solutions to secure their environments.

It is important to note that ASM platforms have the potential not only to eliminate repetitive manual tasks for penetration testers and red teams, but also to provide under-resourced security teams with a solution for automatic asset discovery and protection.

CyCognito Launches Exploit Intelligence

One of the largest providers on the market is CyCognito, an ASM vendor currently valued at $800 million, which earlier this month added a new surface intelligence tool called Exploit Intelligence to its suite of existing third-party ASM solutions.

The launch of Exploit Intelligence was timed favorably after the discovery of the Log4j vulnerability and provides companies with a solution for automatically discovering remote assets, testing vulnerabilities and generating threat-based insights.

“The recent Log4j vulnerability proved that most security teams do not have the visibility they need into a company’s attack surface to neutralize potential threats. This is not something that can be remedied with classic firewall and endpoint solutions. Today it is not enough to find unknown and unmanaged assets. Modern security teams also need the business and risk context to prioritize and neutralize potential threats,” said Rob Gurzeev, CEO and co-founder of CyCognito.

For CyCognito, the answer to this challenge is to proactively identify assets, apps and devices connected to the network and test their security health.

Exploit Intelligence does this by scanning billions of applications, servers and devices on the Internet to contextualize and identify exposed and unattended assets that could serve as entry points for attackers, and by performing security tests on those assets and prioritizing the risks.

Randori Wants to Become the Automated Red Team Leader of ASM

Another leader in the attack surface management market is Randori, which provides a tool that can automatically discover and monitor attack surface assets from an attacker’s perspective and prioritize them based on risk. These assets include services, IPs, domains, networks, and host names.

Randori successfully raised $20 million in Series A funding in 2020 and earlier this week announced the launch of its new channel program with partners such as AccessIT Group, DeFy Security, Eversec Group, Gotham Technology Group, Optiv, Set Solutions and Veristor.

One of the key features that sets Randori apart from other providers in the market is its continuous automated red teaming capabilities.

Automated Red Teaming allows organizations to proactively test the infrastructure in the environment against real-world attacks to demonstrate how effective the organization’s defenses are under pressure.

“Our platform emulates how real attackers work. The way attackers discover a company’s attack surface, the way they prioritize targets, and the way they execute attacks,” said Randori CEO and co-founder Brian Hazzard.

“We give organizations the ability to understand their adversary and validate the work of their program in the real world,” Hazzard said.

This is a different approach from CyCognito, which aims to differentiate itself from competitors by emphasizing automation, automating tasks from asset discovery to risk assignment and continuous mapping of an organization's external attack surface.

NetSPI Brings Penetration Testing to the ASM Market

As the need for ASM solutions grows, many security vendors are starting to enter the space. One such vendor is NetSPI, a penetration testing-as-a-service provider that has raised $100 million in funding to date, which last month launched a new ASM tool that includes human penetration testing.

NetSPI’s solution automatically scans assets on the attack surface and alerts users to high-risk exposures, while NetSPI’s in-house team evaluates the risk of discovered issues and advises the organization on how to fix them.

The use of human penetration testing is unique in the market and allows organizations to take advantage of automated asset scanning in addition to the rich risk insights of an experienced penetration testing team, who can identify which threats pose a risk in a way that automated solutions cannot.


This post, “What’s Happening in the Attack Surfaces Market: Mitigating Threats in the Cloud Age”, was originally published at https://venturebeat.com/2022/03/30/whats-happening-in-the-attack-surface-market-mitigating-threats-in-the-cloud-era/