About the company:
CyCognito is an Israeli company that specializes in cyber threat risk prevention. Their applications are designed to uncover and eliminate critical security flaws that companies never even suspected.
Solutions:
CyCognito - Attack Surface Monitoring
The CyCognito platform focuses on what attackers think, see, and do to help dramatically reduce overall business risk. With no implementation required, the platform maps the entire external attack surface. The information is delivered to operational teams through a user interface and a wide range of integrations. Automated workflows enable timely response. This speeds up problem resolution by providing information, evidence, and prescribed guidance on how to fix each issue.
Platform capabilities
CyCognito provides the ability to identify, prioritize, and eliminate the most critical cyber risks for a given organization, including:
Attack surface detection and mapping
CyCognito automatically discovers assets exposed on the Internet, eliminating “blind spots” caused by unknown or forgotten infrastructure, and provides a unified and complete inventory of digital assets.
Automated security testing
Continuous automated security testing of all assets on the Internet allows the discovery of the real vulnerabilities for a given organization. Some issues found in active testing include weak and misconfigured protocols and ciphers, logging issues across systems, man-in-the-middle attacks, and unprotected or exposed data.
Integrated threat intelligence and exploitation
CyCognito uses threat intelligence in combination with vulnerability data on exposed assets to show vulnerable locations and those most likely to be attacked.
Intelligent correction guidelines
The platform provides guidance and a plan for correcting identified issues, which supports the work of the operations teams.
How does CyCognito work?
Maps business and asset relationships
- Enables mapping of the business structure, subsidiaries, acquired companies, and cloud environments. Machine learning and processing reveal a complete list of assets exposed to attacks for a given organization.
- Validates discovery data by providing the exact address of these assets, evidence, and justification for why the assets were associated with the organization.
- Inventories all external digital assets, including IP ranges, web applications, links, URL patterns, banners, certificates, code snippets, embedded software, TLS configuration, related domains, encryption ciphers, and much more.
Automatically determines the business context
- Analyzes and classifies assets based on the structure of the organization, whether they are on-premises or in the cloud (IaaS, PaaS, SaaS), at a technology partner, or in subsidiary environments.
- Automatically associates assets and data with the specific departments or subsidiaries they belong to within the organization. Provides analysis of the business processes associated with these assets and what risks and attack vectors they are exposed to.
Continuously test security at scale
- Goes beyond port scanning and identification of common vulnerabilities and exposures (CVE) by automatically and actively testing assets to enumerate, validate, and evaluate attack vectors based on context.
- Identifies all attack vectors, including non-CVE-related weaknesses such as data exposure, misconfigurations, code injection risks, and zero-day vulnerabilities.
Prioritises risks
- Assesses risks based on attacker priorities, business context, detectability, ease of exploitation, and remediation complexity - including whether attacks have occurred.
- Determines security grades for the entire organization as well as for asset type, business unit, issue, and region to help understand where weaknesses exist and track improvement over time.
Accelerates recovery
- Saves security teams time and reduces the window of exposure by automatically providing detailed guidance to correct any identified risk.
- Provides automated guidance on what needs to be done to achieve desired remediation results through planning.
- CyCognito provides remediation guidance, planning, and information for assets under attack through integrations, including SIEM/SOAR, ticketing systems, communication and collaboration systems, GRC, and asset management tools.
- Analyzes and reports on changes and trends in assets exposed to attacks, including progress of remediation and new issues.