Ever lost sleep over possible hidden attack routes lurking in your organization’s attack surface? You’re not alone. The concept of ‘unknown-unknowns’ is a recurring nightmare for many IT professionals – but there are ways to mitigate the risks. We’ll explore the problem of unknown-unknowns and provide some practical strategies to help your organization uncover these hidden threats.

While Palo Alto Networks has not released patches for all affected versions, CyCognito has conducted active tests across all customer realms and 97.5% of CyCognito customers’ affected devices are no longer exploitable.

Unauthenticated, remote attackers can execute arbitrary OS commands with root privileges against certain Palo Alto’s GlobalProtect firewalls, using a just announced critical severity vulnerability which is being actively exploited in the wild. While limited to specific versions and configurations, unauthenticated remote command execution vulnerabilities are among the most severe security vulnerabilities that exist. Indeed, CVE-2024-3400 has a critical 10 out of 10 rating under CVSS.

In a time where cyber threats evolve as swiftly as the technologies they target, organizations need a strategic approach to rise above the noise while effectively reducing risk. Enter Continuous Threat Exposure Management (CTEM) — a paradigm-shift in cybersecurity introduced by Gartner. In this article, we compare and contrast CTEM with a closely related, traditional approach – vulnerability management – and discuss practical ways to apply CTEM in your organization.

The nature of cybersecurity risk has evolved dramatically over time, challenging traditional approaches to security. Historically, organizations have concentrated their efforts on fortifying assets they directly own, assuming that this strategy provides sufficient protection. Unfortunately, this narrow focus fails to acknowledge a fundamental truth: attackers operate without regard for ownership boundaries.

At a time when the cloud estate of organizations is expanding faster than ever, the attack surface is becoming harder to monitor. This blog post aims to demystify attack surface discovery. We’ll explore what it involves, why it’s important, and how it fits into securing your digital assets. By the end, you’ll understand why a nuanced approach to attack surface discovery isn’t just beneficial; it’s essential for staying a step ahead against today’s sophisticated threats.

Attack surface management (ASM) has taken center stage in cybersecurity discussions in recent years. The key factor that sets ASM apart from traditional vulnerability management is its more informed and intelligent response to threats – “the attacker’s point of view” so to speak. What makes this possible is security validation. That’s what we focus on in this article.

There is an important concept that runs through our product that I call explainability. I use the term a lot with our product and engineering teams to emphasize our data-first approach and our will to stand behind our data. The term is, well, self-explanatory, but I want to dig into it and show how it helps security professionals. To me, I don’t know any other way of building a product that customers will truly trust other than to explain how conclusions and rankings were determined.

Threat Intelligence is an important capability that many SOCs use to improve their security posture. Understanding what threat actors are targeting and how, can aid in everything from threat hunting to incident response. However, organizations often struggle with how to operationalize threat intelligence data they receive in order to actually accomplish this.

When it comes to cybersecurity and online protection, many regional ISP and telco providers are very late to the party to defend against malicious actors, like in the case of Russian APT groups. The COVID-19 crisis outlined the importance of the internet and computers. However, it also emphasized the importance of online security. One report showed that over 7.9 billion records had been exposed by data breaches from January to September of 2019.