Offensive security is a proactive approach to protecting an organization’s exposed IT assets.
It follows a process called “Attack Surface Management,” which continuously monitors and discovers new threats, whether they are in the cloud, on-prem, or come from a third-party. It also assesses the security of all known and unknown attack surfaces.
The founders of CyCognito, a cybersecurity platform, took it one step further by combining the ASM approach with automated testing to create an “External Attack Surface Management Solution.” This architecture enables them to achieve both resilience and high performance at scale.
Ansh Patnaik, the CPO at CyCognito, breaks down their offensive strategy during a recent Confessions of a CPO webinar.
1. Build an easy setup with a zero-touch, no deployment footprint
Companies are vulnerable in places they didn’t even know existed. Luckily, CyCognito can not only reveal vulnerable assets, but also do so without deploying anything or much effort from the vulnerable company.
After that, they take it a step further and, with a company’s permission, map the vulnerable assets they’ve uncovered to the respective subsidiaries. This would typically take weeks of manual work but CyCognito’s architecture allows this to be done in no time at all.
2. Automate to achieve even greater impact
CyCognito is able to maintain usability, resilience, and performance by automating everything their top analysts do. They’re also able to layer more and more capabilities to their solution:
“What we’ve been doing for a few years now is turning that expertise into a product and automating everything and each time we do that the analyst team can go even further. So you get this magic of more depth constantly being brought into the product.”
Because of automation, the platform can go much deeper with its discovery. More specifically, it can uncover far more of the previously unknown attack surface and map assets to subsidiaries with even higher accuracy.
3. Minimize time to remediation
So what happens after a critical finding occurs? CyCognito leverages Workato’s built in workflow automation capabilities to trigger the necessary actions, such as notifying the right teams, opening a ticket in Jira, populating their asset management system, and much more—all working to significantly reduce time to remediation.
Patnaik went on to say that he only expects the CyCognito platform to improve in this area:
“We’re building lots more right now so the remediation advantage is just going to get richer and more robust than what most folks in cybersecurity offer.”
