The company closes the risk gaps between vulnerability scanning and attack surface management across the hybrid infrastructure.
New York – April 12, 2023 – Cymulate, a leader in cybersecurity risk exposure management and validation, announces the expansion of its Attack Surface Management (ASM) solution to close the gaps between traditional vulnerability management and ASM. Organisations will now have advanced capabilities to easily visualise their risk exposure across hybrid environments.
The company has achieved this by expanding its coverage to include the discovery of more attack surfaces and additional misconfiguration detection, cloud-specific scans and vulnerability discovery. Previously exclusive to external attack surface management, the new enhancements will scan the cloud footprints of Active Directory, Azure, GCP and AWS for misconfigurations and remediable security concerns.
Avihai Ben-Yossef, CTO y co-fundador de Cymulate, says: “Customers will benefit immediately from knowing the gaps in their publicly accessible infrastructure and through mapping the attack path to see how an attacker can traverse the network from the physical premises to the cloud and vice versa. This will greatly assist organisations in assessing the degree of risk to which their organisation’s assets are at risk.”.
Cymulate now closes the visibility gap
Vulnerability scanners are designed to identify, classify, prioritise and fix vulnerabilities that could be exploited, mainly from within the environment itself.
Attack surface management, meanwhile, has focused primarily on vulnerability discovery from an external perspective. This Cymulate solution now closes the visibility gap needed to understand whether an exposure has a viable attack path, whether security countermeasures effectively detect and warn, and validates that remediation achieves the desired risk mitigation. This takes exposure management to a new, more continuous and efficient level to rank and prioritise remediation of vulnerabilities.
The ASM solution extension provides the capabilities of four new tools: Active Directory Misconfiguration Scanning, Cloud Misconfiguration Scanning, Vulnerability Scanning, and Unified Attack Path Mapping and Analysis (UAPMA). This provides information beyond what needs to be patched and the option to use existing information from more sources to determine the priority of each remediation action.
The Unified Attack Path Mapping and Analysis (UAPMA) solution will enable:
- Support attack path and security validation across networks, clouds and identity systems, including Active Directory services.
- Provide a significantly more complete and detailed picture of viable attack paths and techniques that can be discovered compared to performing such scanning operations on just one infrastructure or the other.
- Take into account that interconnections and variables (such as trust and permissions, among others) can change an attacker’s path in unexpected ways.
Additionally, it will provide the ability to clearly identify and view attack paths (displayed as graphs and detailed information), offering a faster way to identify and close security breaches without disrupting business operations.
When used in conjunction with Cymulate’s Breach and Attack Simulation (BAS) technology, security teams can also validate whether controls related to the attack path correctly detect and warn of threat activity; and when a remediation is necessary, know where that remediation can best be applied to reduce any disruption to business operations. This combination indicates more precisely which vulnerabilities need to be prioritised and with what degree of urgency. The drivers for these improvements centre on the growing use of cloud computing, remote workers and third-party services, which are expanding the attack surface for organisations and creating numerous challenges in identifying and tracking assets across physical, hybrid and cloud infrastructure, as well as managing and protecting all exposed assets.
In addition, the inability to assess the risk posed by each asset, the proliferation of unmonitored assets – such as legacy infrastructure and shadow IT – add to the complexity of monitoring networks and increase risk, especially when operations are scaled up.
You can read the original article here.
