Cymulate ups the game on exposure management

Luke Cifarelli, Security Specialist, iOCO, Cymulate.

---

2023 ITWeb Security Summit sponsor, Cymulate, which positions itself as the leader in cyber security risk validation and exposure management, has announced the expansion of its Attack Surface Management (ASM) solution to close gaps between traditional vulnerability management and ASM. Organisations will now have advanced capabilities to easily visualise risky exposures across hybrid environments. The company achieves this by extending its coverage to include more attack surface discovery and added misconfiguration detection, cloud-specific analysis and vulnerability discovery. Previously only for external attack surface management, the new enhancements will analyse Active Directory, Azure, GCP and AWS Cloud footprints for misconfigurations and remediable security concerns.

“Customers will immediately benefit from seeing gaps in their public-facing infrastructure and through attack path mapping to see how an attacker can traverse the network from on-premises to cloud and cloud to on-premises,” said Avihai Ben-Yossef, CTO and Co-founder. “This will significantly aid organisations in assessing how at risk their organisation’s assets are.” Vulnerability scanners are designed to identify, classify, prioritise and remediate vulnerabilities that could be exploited – primarily from within the environment. Conversely, attack surface management has mainly focused on discovery of vulnerabilities from an external perspective. This Cymulate solution now closes the visibility gap needed to understand if an exposure has a viable attack path, if security controls detect and alert effectively, and validating that remediations achieve the desired risk mitigation. This brings exposure management to a new level that is more continuous and efficient for classifying and prioritising the remediation of vulnerabilities.

The ASM solution expansion provides four new tool capabilities: Active Directory Misconfiguration Scanning, Cloud Misconfiguration Scanning, Vulnerability Scanning and Unified Attack Path Mapping and Analysis (UAPMA). This provides more information than just what needs to be patched and the ability to leverage information from more sources to determine the priority of each remediation action.

The UAPMA will:

• Support attack pathing and security validation across networks, clouds and identity systems, including Active Directory services;
• Deliver a significantly more complete and detailed picture of viable attack paths and techniques than can be discovered when compared to performing such scanning operations only in one infrastructure or the other;
• Factor in that interconnections, trusts, permissions and other variables can change the path of an attacker in unexpected ways; and
• Provide the ability to clearly identify and see attack paths (displayed as graphs and detailed information), which delivers a quicker way to identify and close gaps without disrupting business operations.

When paired with Cymulate breach and attack simulation (BAS) technology, security teams can also validate whether controls that sit in the attack path successfully detect and alert on threat activity; and where remediation is required, knowing where that remediation can best be performed to reduce any business disruptions. This combination further refines which vulnerabilities to prioritise and at what level of urgency. The driving factors for these enhancements centre on the growing use of cloud computing, remote workforce and third-party services; which are expanding organisations' attack surface and creating numerous challenges in identifying and tracking assets across on-premises, hybrid and cloud infrastructure; and in managing and securing all exposed assets.

Additionally, the inability to evaluate risk posed by each asset, the proliferation of unmonitored assets such as legacy infrastructure and shadow IT add to the complexity of controlling networks, compounding risk, especially when scaling operations.