Cymulate has expanded of its Attack Surface Management (ASM) solution to close gaps between traditional vulnerability management and ASM. Organizations will now have advanced capabilities to easily visualize risky exposures across hybrid environments. The company achieves this by extending its coverage to include more attack surface discovery and added misconfiguration detection, Cloud-specific analysis, and vulnerability discovery. Previously only for external attack surface management, the new enhancements will analyze Active Directory, Azure, GCP, and AWS Cloud footprints for misconfigurations and remediable security concerns.
“Customers will immediately benefit from seeing gaps in their public-facing infrastructure and through attack path mapping to see how an attacker can traverse the network from on-premises to cloud and cloud to on-premises,” said Avihai Ben-Yossef, CTO and Co-founder. “This will significantly aid organizations in assessing how at risk their organization’s assets are.”
Vulnerability scanners are designed to identify, classify, prioritize, and remediate vulnerabilities that could be exploited – primarily from within the environment. Conversely, attack surface management has mainly focused on discovery of vulnerabilities from an external perspective. This Cymulate solution now closes the visibility gap needed to understand if an exposure has a viable attack path, if security controls detect and alert effectively, and validating that remediations achieve the desired risk mitigation. This brings exposure management to a new level that is more continuous and efficient for classifying and prioritizing the remediation of vulnerabilities.
The ASM solution expansion provides four new tool capabilities: Active Directory Misconfiguration Scanning, Cloud Misconfiguration Scanning, Vulnerability Scanning, and Unified Attack Path Mapping and Analysis (UAPMA). This provides more information than just what needs to be patched, and the ability to leverage information from more sources to determine the priority of each remediation action.
The Unified Attack Path Mapping and Analysis (UAPMA) will
- Support attack pathing and security validation across networks, Clouds, and identity systems, including Active Directory services
- Deliver a significantly more complete and detailed picture of viable attack paths and techniques than can be discovered when compared to performing such scanning operations only in one infrastructure or the other
- Factor in that interconnections, trusts, permissions, and other variables can change the path of an attacker in unexpected ways
- Provide the ability to clearly identify and see attack paths (displayed as graphs and detailed information), which delivers a quicker way to identify and close gaps without disrupting business operations
When paired with Cymulate Breach and Attack Simulation (BAS) technology, security teams can also validate whether controls that sit in the attack path successfully detect and alert on threat activity; and where remediation is required, knowing where that remediation can best be performed to reduce any business disruptions. This combination further refines which vulnerabilities to prioritize and at what level of urgency.
