External attack surface management helps identify previously unknown or forgotten internet-facing assets and the risks they present
PALO ALTO, Calif., June 02, 2021 (GLOBE NEWSWIRE) -- CyCognito, the leader in external attack surface management and protection, announced it has been recognized by Gartner as a vendor offering the emerging technology External Attack Surface Management (EASM). EASM, a new technology market identified by Gartner, is “an emerging product set that supports organizations in identifying risks coming from internet-facing assets and systems that they may be unaware of.”1
Attackers look for the path of least resistance to breach organizations and those easy paths often involve accessing an organization’s data, applications, and networks, whether they are on-premises or in cloud, subsidiary, third-party, or partner environments. Recent supply chain and ransomware attacks are evidence of this. To stay ahead, organizations must think like an attacker and consider the entire attack surface. Therefore, the best way for an organization to protect itself, is to see, understand and manage all the ways an attacker might gain access.
In late 2020, CyCognito and ESG surveyed security professionals who reported that, when defining their attack surface:
- 47 percent don’t think to include SaaS applications.
- 45 percent don’t think to include workloads running in the public cloud.
- 45 percent don’t think to include third parties.
Attackers have proven over and over that their way works. They surveil and test attack surfaces nearly continuously until they find a path that provides little resistance. Preventing breaches requires that organizations do the same. They must perform reconnaissance across their entire IT ecosystem, using an external attack surface point of view, and thoroughly test all exposed assets using an sophisticated array of security testing techniques.
“Most organizations define their attack surface too narrowly and it often leaves them with blind spots that actually become the most attractive points of entry for attackers. It is simply not possible to protect an organization’s attack surface without visibility and risk assessment of all of your IT assets,” said Rob Gurzeev, CyCognito CEO and co-founder. “Organizations must look at their attack surface the way attackers do — from the outside in, adopting an external attack surface management and protection perspective. External attack surface management and protection has become a critical, if not the most important aspect of a company’s cybersecurity posture, and we’re pleased that Gartner has formally recognized external attack surface management as a category.”
Gartner has previously identified CyCognito as a Cool Vendor in the 2020 Gartner “Cool Vendors in Cyber and IT Risk Management” report.
About CyCognito
CyCognito solves one of the most fundamental business problems in cybersecurity: seeing how attackers view your organization, where they are most likely to break in, what systems and assets are at risk and how you can eliminate the exposure. Founded by national intelligence agency veterans, CyCognito has a deep understanding of how attackers exploit blind spots and a path of least resistance. The Palo Alto-based company is funded by leading Silicon Valley venture capitalists, and its mission is to help organizations protect themselves from even the most sophisticated attackers. It does this with a category-defining, transformative platform that automates offensive cybersecurity operations to provide reconnaissance capabilities superior to those of attackers.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
1Gartner, ‘Emerging Technologies: Critical Insights for External Attack Surface Management’, Ruggero Contu, Elizabeth Kim, Mark Wah, March 19, 2021
CyCognito Contact:
Raphael Reich
CyCognito
(650) 888-0413
raphael@cycognito.com