A new risk intelligence solution provides insight, visibility and guidance to efficiently identify, prioritise, and remediate vulnerabilities like Log4j
CyCognito announced the addition of Exploit Intelligence to its External Surface Attack Management solutions suite. Exploit Intelligence offers an end-to-end solution that prioritises which risks to remediate immediately — before they are exploited — by proactively discovering external assets, testing vulnerabilities, and providing expert threat- and risk-based insight.
Developed to help security teams focus on the most critical risks, Exploit Intelligence creates in-platform advisories about threats being exploited in the wild and aligns them with risks in the organisation’s external attack surface. The platform also automates pen testing and red teaming processes, including reconnaissance, security testing at-scale, exploit analysis to determine how safe exploits are. It then guides using exploits so that security experts can work more effectively and efficiently.
“External attack surface management provides an outside-in perspective that helps organisations see themselves as an attacker would. Adding a layer of threat intelligence – information about what attackers are doing — helps sharpen that point of view,” said Jon Oltsik, ESG Senior Principal Analyst and ESG Fellow. “When you know what attackers are doing in the wild, how they see your organisation, and where you are vulnerable to their latest actions, it enables you to focus and accelerate remediation on high-risk priorities that must be addressed quickly.”
“The recent Log4j vulnerability proved that most security teams lack the insight to understand how they are being impacted, what issues to prioritise and what steps to take to neutralise potential threats,” said Rob Gurzeev, CEO and co-founder, CyCognito. “That’s because there’s a critical gap in vulnerability management: tying internet-exposed vulnerabilities with in-the-wild attacker activity. Exploit Intelligence provides the level of visibility, testing capabilities and expert guidance so security teams can quickly find and prioritise issues before a threat becomes a serious breach. Like Tesco, many of our customers are already seeing benefits from Exploit Intelligence, which helps them prioritise exploitable attack surface issues in the right order.”
Primary features and benefits of Exploit Intelligence include:
- Expert Advisories: Leverage curated threat intelligence to show how attackers are actively exploiting vulnerabilities in the wild and how those threats map to vulnerabilities in their attack surface. A detailed summary graph paints a clear picture of assets at risk and details what subset of assets remain vulnerable and protected.
- Exploit Validation: Receive step-by-step guidance to exploit vulnerabilities and simulate breaches safely. Simulation makes it possible to validate your security countermeasures and evidence by finding the presence or lack of Indicators Of Compromise in your SIEM, XDR. Leverage MITRE ATT&CK Framework mappings to better communicate and understand potential adversary behaviour.
- Communicate to Stakeholders: Leverage information about threats in the wild and combine that with the state of your attack surface to help answer questions like, “are we impacted by this latest issue?”
