CIO Bulletin

Empowering companies and uncovering the critical security risks they didn't even know existed: CyCognito

Keeping the workplace safe and free from serious accidents and injuries begins with identifying and assessing the risks. Before you can begin to control the risks, you have to know what they are and how they interact with day-to-day operations. It is only then that you can start working on ways to reduce, mitigate, and eliminate the risks as much as possible to make the workplace safer for all. The focus should be on the risks that pose the greatest risk to life and limb. However, smaller risks shouldn't be ignored, either. Risks that may seem small can quickly develop into a severe incident when left unmonitored and unattended. Risk control measures are a crucial tool to aid in the prevention of accidents or injury in the workplace. They should form part of the company's broader health and safety plan providing a method to identify, control, and reduce the risks present in the workplace. When used as part of an all-encompassing occupational health and safety plan, risk assessment, and control measures provide several benefits to your workplace.

Risk control measures are actions that are taken in response to a risk factor that has the potential to cause accidents or harm in the workplace. The control measures can either be designed to reduce the risks or eliminate them, with the latter being preferred. Control measures follow a hierarchical pattern, with each step being worked through and implemented to control and minimize the risk identified. Risk elimination is at the top of the hierarchy, being the most preferred option to control an identified risk. It will not be possible to remove all risks altogether, but this should be the first option considered and assessed. It offers the most significant protection by eliminating the threat.

CyCognito is one such firm that empowers companies to take full control over their attack surface by uncovering and eliminating the critical security risks they didn't even know existed. The firm uses its intelligence-agency expertise and keen understanding of hacker techniques to help organizations uncover their shadow risk and protect their entire attack surface before they can exploit any gap. The CyCognito platform lets you identify all of the attacker-exposed assets in your IT ecosystem for a complete view of your attack surface. With its comprehensive global botnet, the CyCognito platform uniquely reveals unknown and unmanaged assets associated with your organization, including those in the cloud, partner, and subsidiary environments critical to your cybersecurity risk management.

Why CyCognito

CyCognito empowers companies to take full control over their attack surface by uncovering and eliminating the security risks they didn't even know existed. Without input or configuration, the platform automates attacker reconnaissance at-scale, applying advanced analytics to identify, prioritize, and eliminate unknown unknowns. Its botnet and discovery engine use graph data modeling to map and classify the assets across your attack surface. It allows the users to take full control over your attack surface by uncovering and eliminating shadow risk the critical security risks that you didn't know existed.

How Does CyCognito Work

Global Bot Network

The firm continuously discovers and fingerprints billions of digital assets with a global bot network to identify your exposed assets all over the world. It also fingerprints every asset to capture identifying elements, including IP ranges, web applications, links, URL patterns, headers, banners, certificates, TLS configuration, related domain names, encryption ciphers, and many more. The firm uses sophisticated attacker-reconnaissance techniques, so it isn't detected or blocked by firewalls, content delivery networks (CDNs), or other technologies.

Discovery Engine

The firm analyzes and organizes all of the assets in your entire attack surface, what they are, and how they relate to your business, whether on-premises or in the cloud (IaaS, PaaS, SaaS), technology partner or subsidiary environments. It also identifies and prioritizes each asset's risks to easily identify those that are most important to your business and are most prone to compromise.

Multi-Vector Attack Simulator

This enumerates issues per asset and detects and prioritizes potential attack vectors. It also finds highly exploitable assets that provide access to other critical assets in your network, including context-based attack vectors, vulnerabilities, misconfigurations, data exposures, abandoned assets, and assets that shouldn't be exposed. The vector incorporates standard risk-detection techniques, including vulnerability assessment, encryption analysis, third-party feeds and databases, and more. It leverages unique and proprietary risk-detection techniques, including authentication testing, software misconfiguration detection, network design analysis, data exposure detection, code injection risks, and others.

The path-breaking solutions offered by CyCognito to eliminate the risk

Prioritize and Eliminate Attack Vectors

The CyCognito platform helps you eliminate critical attack vectors with a continuously updated and prioritized view of your attacker-exposed IT ecosystem. You and your security team can use the CyCognito platform to pinpoint dangerous risks just as attackers do. Organizations that still have to perform external legacy testing to meet customer agreements or compliance regulations use the CyCognito platform to augment and optimize those processes by focusing the legacy tests on the areas of most considerable risk that the CyCognito platform has identified.

Monitor Subsidiary Risk

The CyCognito platform gives you immediate visibility of the security posture of your subsidiaries. It identifies their attack surfaces and the effectiveness of their security controls, without requiring any deployment or configuration. The CyCognito platform takes the attackers' perspective to help you dramatically reduce your overall business risk. With no implementation required, it autonomously discovers and maps your organization's entire attack surface and identifies the business context of assets. It then detects and prioritizes the critical points of exposure that attackers can most easily exploit what CyCognito calls POLaR (the path of least resistance) and offers prescriptive remediation guidance, so your security team knows where to focus first and how to eliminate critical risks.

Assess Your Security Effectiveness

Manage your security performance with the CyCognito platform to fully understand and measurably improve your cybersecurity posture. The platform provides unprecedented visibility to risk across your organization's attack surface. You can perform a security self-assessment and measure your external risk, including your exposures in on-premises, cloud, partner, and subsidiary environments. This automated self-assessment is built upon a detailed analysis of each IT asset's business context and risk in your attack surface.

Evaluate Merger and Acquisition Risk

The CyCognito platform gives you immediate visibility to the cybersecurity posture of the targets you are evaluating for merger and acquisition (M&A). It identifies the breadth of a target organization's attack surface and the effectiveness of its security controls, without requiring any deployment or configuration.

Case Studies

Unseen Third-Party Asset Creates Risk

An international bank had a weak security spot that exposed bank communications. The weak spot was in a device connected to the bank by a third-party partner and went undetected even though it had recently conducted a two-month black-box pen testing engagement. The CyCognito platform revealed that the asset was part of the bank's IT ecosystem and found critical exposure nearly instantly.

Helping a Healthcare Organization Avert Disaster

A leading US healthcare organization with an exposed Oracle content management server on Oracle's cloud became misconfigured. This exposure left the door open for attackers to connect as an admin and upload arbitrary content to the main website - content that could redirect the organization's 100 million users to a fraudulent site or infect their assets. This type of data exposure would go undetected by legacy vulnerability scanners. And high-quality pen testers would take months to detect. Using the CyCognito platform, the organization immediately identified this exposure, eliminating the possibility of attack or exploitation.

Helping a Telecom Discover a Significant Shadow Risk

One of CyCognito's customers, a telecommunications company, deployed a defensive security solution, known as a deception system. The system was misconfigured by the vendor's engineer, exposing the company's entire management system on the open web. The CyCognito platform discovered the misconfiguration immediately, enabling the company to resolve the weak security spot before attackers could exploit it.

Internal Misuse Creates Risk

An engineer at a large international hospitality company created a primary Javascript web interface that allowed him to run commands on the mainframe and debug mainframe code from home. That interface was exposed to the internet, however, and if discovered by attackers, it would have allowed them access to the organization's reservation system and customers' personal information. The CyCognito platform enables security professionals to detect and curtail this type of misuse.

Attack Surface Visibility

Security practitioners and vendors universally recognize the need for attack surface analysis and management. Still, a critical point that may not be explicitly called out is that managing your attack surface isn't something you should start doing only after you have implemented your security stack. Instead, it must be a foundational step that guides your security program and resource investments.

The valiant leader behind the supremacy of CyCognito

Rob Gurzeev is the Co-Founder and also serves as the Chief Executive Officer of CyCognito. He has led the development of offensive security solutions for both the private sector as well as the intelligence agencies. Before founding CyCognito, Mr. Rob served as the Director of Offensive Security and head of R&D at C4 Security (acquired by Elbit Systems), and also as the CTO of the Product Department of the 8200 Israeli Intelligence Corps. Honors that he received as an Israel Defense Forces Officer included Award for Excellence, the Creative Thinking Award, and the Source of Life Award.