The U.S. SEC recently adopted new cybersecurity disclosure rules. This post describes the new disclosure rules and the potential burdens being placed on CISOs.
Read more about What CISOs Need to Know About the SEC’s New Rules
Your source for exposure management research, product news, and security insights.
The U.S. SEC recently adopted new cybersecurity disclosure rules. This post describes the new disclosure rules and the potential burdens being placed on CISOs.
Read more about What CISOs Need to Know About the SEC’s New RulesSince its inauguration, CyCognito has integrated AI techniques to power the platform’s robust and accurate attack surface discovery and testing capabilities. And it continues to add new capabilities all the time. Read the blog post to learn some of the tasks that CyCognito’s AI helps power or simplify and the various techniques it leverages.
Read more about AI at CyCognitoPalo Alto Networks announced the discovery of CVE-2024-3400. CyCognito has informed affected customers of potentially affected assets.
Read more about Emerging Security Issue: Palo Alto Networks GlobalProtect PAN-OS Software CVE-2024-3400Dive into ‘Explainability’ and its role for IT and Security professionals. Understand its significance and discover real-world examples that highlight its business impact. Discover how Explainability can transform business operations and decision-making for your IT and Security teams.
Read more about Explaining Explainability: CyCognito’s Data-First ApproachThis GigaOm Radar report examines 22 of the leading ASM solutions in the market. It compares offerings against the key capabilities, including continuous discovery of attack surface, managing inventory of attack surface assets, identifying risks in attack surface, and false positive management. CyCognito was named a Leader and Fast Mover because of its innovative approach to asset discovery and vulnerability assessment, balanced with a solid foundation in mature platform offerings.
Read more about CyCognito Recognized as Leader in the GigaOm Radar for Attack Surface ManagementBenjamin Bachmann, VP of Group Information Security at Ströer, transformed the German media conglomerate’s security posture by implementing CyCognito.
Read more about How Ströer, Uncovers and Secures Hidden Digital Assets with CyCognitoCISA’s proactive approach to cybersecurity is highlighted, focusing on two directives: BOD 22-01, which mandates agencies to consult the “Known Exploited Vulnerabilities Catalog,” and BOD 23-01, aimed at improving agency asset visibility and vulnerability detection. These directives emphasize asset discovery and vulnerability enumeration as crucial activities for risk reduction. CyCognito’s platform aligns with these directives by automating discovery, contextualizing assets, and prioritizing vulnerabilities based on attacker perspective, enabling organizations to efficiently close gaps in their attack surface management.
Read more about The CISA Points Way Forward for More Effective Vulnerability Management with Directive 23-01Networking equipment vendor Juniper Networks recently exposed current and former customer information due to a Salesforce misconfiguration. While incidents like these can give attackers valuable data and footholds into your network, leveraging exposure management best practices and processes can help organizations mitigate these risks.
Read more about The Long Tail of the Supply Chain: Leveraging Exposure Management to Mitigate Risk from Current or Former VendorsThere are three approaches to External Attack Surface Management (EASM) for securing complex and evolving attack surfaces in modern organizations. Each has its own set of considerations, including the limitations of traditional methods and the resource-intensive nature of human reconnaissance, which clearly underscore the benefits of an automated and comprehensive EASM solution like CyCognito.
Read more about Three Approaches to External Attack Surface ManagementTwo security issues affecting the popular Ivanti Connect Secure and Ivanti Policy Secure remote access SSL VPN systems can be chained together to give unauthenticated attackers remote access to critical systems. CyCognito’s active testing protects our current customers and delivers key insights about these vulnerabilities in the CyCognito platform.
Read more about Emerging Security Issue: Ivanti Vulnerabilities CVE-2023-46805 and CVE-2024-21887
