Products Overview Attack Surface Management Automated Security Testing Exploit Intelligence
Platform How It Works AI at CyCognito Integrations Pricing
 
Demo of the CyCognito Platform

See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. More...

Real World Solutions Assess Your Security Effectiveness Secure Your Software Supply Chain Manage Your Attack Surface
  Monitor Subsidiary Risk Prioritize & Eliminate Attack Vectors Scale Your Pen Testing
  Simplify Compliance Initiatives Evaluate Merger & Acquisition Risk
State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. More...

Meet Our Customers Customer Overview Customer Testimonials Customer Videos
Customer Stories Berlitz Asklepios Ströer Human API Scientific Games
Current Customers Customer Support Customer Login Knowledge Base
The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. More...

Company About Us Leadership Team Careers Privacy and Trust Contact Us
News Latest News Press Releases Media Coverage Events Awards
Partners Partner Program Resellers, MSPs & Systems Integrators Technology Alliance Partners Become a Partner Partner Login
External Exposure & Attack Surface Management For Dummies

As your attack surface has grown to cloud infrastructures and across subsidiaries, attackers are looking for and finding unknown and unmanaged assets to serve as their entry points. More...

Resources What's New Research Reports White Papers + eBooks Solution Briefs Datasheets
  Webinars Videos Blog Glossary Security & Compliance
Learning Center API Security Application Security Attack Surface Cloud Security Cyber Attack
  DRPS Exposure Management Penetration Testing Vulnerability Assessment Vulnerability Management
EASM 101 External Attack Surface Management Attack Surface Management Attack Surface Discovery Attack Surface Protection Attack Surface Reduction
Product Advantages Why CyCognito? Cost Savings Calculator
Competitive Advantages CyCognito vs. Microsoft Defender EASM CyCognito vs. Palo Alto Networks Cortex Xpanse CyCognito vs. Tenable ASM
 
GigaOm Radar for Attack Surface Management

The expansion of an organization's attack surface continues to present a critical business challenge. Download the GigaOm Radar for Attack Surface Management to get an overview of the available ASM solutions, identify leading offerings, and evaluate the best solution for you.  More...

CyCognito Blog

Research

Research

Exclusive EASM Report: Mergers and Acquisitions Top 2022 External Attack Surface Management Risks

Tom-Spring
By Tom Spring
Was a Media Manager at CyCognito
June 2, 2022

Mergers and acquisitions, poorly managed web apps and insecure PII represent biggest risks tied to external attack surfaces in 2022. 

Go to the Post


Research

Big Problem with BIG-IP: Vulnerability Alert | CVE-2022-1388 in F5 BIG-IP

Emma-Zaballos
By Emma Zaballos
Product Marketing Manager
May 12, 2022

On May 4th, 2022, F5 announced their internal discovery of a remote code execution (RCE) vulnerability, CVE-2022-1388, that affects all firmware versions of their BIG-IP product.

Go to the Post


Research

One month in: CyCognito looks at Spring4Shell

Jason-Pappalexis
By Jason Pappalexis
Sr. Technical Marketing Manager
May 5, 2022

NIST assigned Spring4Shell a score of 9.8, most likely out of concern of a similar blast radius to Log4Shell, which was trivial to exploit and very common.

Go to the Post


Research

Detecting and Validating Spring4Shell Vulnerability: CVE-2022-22965

Alex-Zaslavsky
By Alex Zaslavsky
Was Sr. Product Manager at CyCognito
April 6, 2022

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.

Go to the Post


Research

Set Up Your Log4J Response Plan

Jim-Wachhaus
By Jim Wachhaus
Was Director of Technical Product Marketing at CyCognito
December 17, 2021

Based on our experience responding to these issues, advice from expert CISOs, and our community of customers here are steps for a simplified response plan you can use today and for future outbreaks.

Go to the Post


Research

Apache Log4j | Are you vulnerable?

Jim-Wachhaus
By Jim Wachhaus
Was Director of Technical Product Marketing at CyCognito
December 12, 2021

The log4j vulnerability affects code across the world. Learn how to protect your organization with the CyCognito Platform today.

Go to the Post


Research

Top Attack Vectors and How to Prevent Them

Sam-Curcuruto
By Sam Curcuruto
Was Sr. Director, Product Marketing at CyCognito
November 18, 2021

Attack vectors are the path an attacker uses to gain access to your organization’s network. Find out more about the top attack vectors and learn to steer clear of them.

Go to the Post


Research

Vulnerability Notice: Patch CVE-2021-31166

Alex-Zaslavsky
By Alex Zaslavsky
Was Sr. Product Manager at CyCognito
May 21, 2021

New Vulnerability Patch. Check your IIS servers and make sure that for those newer Windows 10 servers affected that CVE-2021-31166 has been patched.

Go to the Post


Research

Colonial Pipeline Highlights Weaknesses in Global Supply Chain

Jim-Wachhaus
By Jim Wachhaus
Was Director of Technical Product Marketing at CyCognito
May 12, 2021

All organizations such as Colonial Pipeline are under threat of ransomware. These attack vectors arise because they lack attack surface visibility.

Go to the Post


Research

Research Results: The Challenges With Pen Testing for Cybersecurity

Raphael-Reich
By Raphael Reich
Was Vice President of Marketing at CyCognito
May 5, 2021

Does pen testing still make sense in an era of digital transformation where companies are reinventing themselves to be digital-first businesses?

Go to the Post


Older PostsNewer Posts

Topics


Search the Blog



Featured Posts

Emma Zaballos
A New Framework: Understanding Exposure Management 
By Emma Zaballos
November 11, 2024
Jason Pappalexis
Six Signs that Exposure Management is Right for Your Organization
By Jason Pappalexis
October 14, 2024
Jason Pappalexis
Think your attack surface is covered? Let’s look at the math.
By Jason Pappalexis
September 30, 2024
Emma Zaballos
Defensive Playbook: Understanding New Trends in External Risk with CyCognito’s State of External Exposure Management Report
By Emma Zaballos
September 23, 2024
Graham Rance
Web Application Security Testing: Struggles, Shortfalls and Solutions
By Graham Rance
June 3, 2024


Top Tags


CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.
O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.
Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.

Request a Scan