Demo of the CyCognito Platform

See the CyCognito platform in action to understand how it can help you identify, prioritize and eliminate your most critical risks. 

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024. 

The Total Economic Impact™ of The CyCognito Platform

Read The Total Economic Impact™ of The CyCognito Platform — a Forrester study. Cost Savings And Business Benefits Enabled By The CyCognito Platform. 

 
Perspectives

When your Security Tools Introduce Security Weaknesses

Sam-Curcuruto
By Sam Curcuruto
Was Sr. Director, Product Marketing at CyCognito
November 23, 2021

On the heels of another zero-day vulnerability found in a security tool, we’ve been working with our customers to show them whether or not they have internet-exposed assets which are affected by that vulnerability.

Attack surface management is more than you think.

There is often the misconception that attack surface management is focused only on website and web-app infrastructure. And for some tools, that is the focus.

Our worldview (and our solution to the hair-on-fire tasks around zero-day vulnerabilities) maintains the belief that everything that is exposed to the internet, including your security tools and appliances, must be cataloged and tested for security gaps and weaknesses.

It’s becoming more prevalent that security tools are used as initial access into organizations, even though it flies in the face of conventional wisdom. But more vulnerabilities in security tools and breaches associated with issues in the software supply chain show that it’s absolutely critical for everything in your attacker-exposed attack surface to be continuously monitored – including your cloud infrastructure, third-party partners, and, yes, your security vendors.

Visibility and testing of everything is key.

In this instance, our platform made it easy to understand if an organization was affected. When it was discovered that particular firewall and VPN appliances from Palo Alto Networks – which have to be internet-facing to allow users to connect – were vulnerable to remote code execution, security operations teams could quickly search their entire external attack surface to uncover whether or not they’re impacted by the new zero-day.

This is just one example. Of course, tomorrow is another day and there will be new vulnerabilities in different software, devices, and infrastructure.

If you’d like this kind of visibility into your external attack surface and the assets that it consists of, reach out and we’ll gladly have a conversation around your attack surface management goals.


Topics



Search the Blog



Recent Posts






Tim Matthews
How to Budget for EASM
By Tim Matthews
November 18, 2024


Top Tags



CyCognito Research Report

State of External Exposure Management, Summer 2024 Edition

State of External Exposure Management, Summer 2024 Edition

Download the report now to stay ahead of emerging threats and strengthen your organization’s security posture for 2024.

O'Reilly Report

Moving from Vulnerability Management to Exposure Management

Moving from Vulnerability Management to Exposure Management

Download the report to learn about the historical trends behind the emergence of exposure management, how to develop a strategic plan and assemble a team to smoothly transition frameworks, and example tech stacks to consider for your organization.

Request a Free Scan

See Exactly What Attackers See

Get a Free Scan of Your Attack Surface

Get a free scan of your attack surface and gain valuable insight into your organization's risk posture by allowing CyCognito to discover, contextualize, and test externally exposed assets on a portion of your parent company or a single subsidiary.