Advanced exposure management, enhanced with AI and automation, enables organisations to cut complexity and alleviate cyber security mitigation workloads, while continuously improving their cyber security posture.
This is according to Luke Cifarelli, Country Manager – South Africa at Cymulate, a CTEM specialist and leader in threat exposure validation, who was speaking ahead of the annual ITWeb Security Summit.
Cifarelli explains that until recently, the fast-changing cyber-threat landscape required security teams to spend much of their time managing all vulnerabilities while working to mitigate according to severity, leading to widespread fatigue and burnout. He says: “It’s been widely reported that only 2% to 7% of vulnerabilities are ever actually exploited in the wild. So, then you say: The efforts being directed towards vulnerability management are disproportional to the risk of exploitation. Exposure management has the ability to test common vulnerabilities and exposures (CVEs), thereby providing proof of exposure with control-based mitigation advice. This is why vendors like Cymulate changed focus from protecting the ‘soft underbelly’ to optimising the armour to ensure that the security controls customers have invested in are actually protecting against the latest threats.”
In the years that followed, Cymulate has advanced to including AI for custom scenario creation and automation, exposure validation, cloud security, including Kubernetes, and auto-remediation through integration with many top cyber security vendors.
“This litmus test offers a rapid yes or no answer to the question: can this new threat breach our organisation within 24 hours of emerging? This allows security teams to focus where they are needed most,” he says.
“For example, if there's a threat feed saying that a syndicate in Russia, such as Midnight Blizzard, has changed their techniques and they're now trying to penetrate customers through a large-scale phishing campaign (APT29) using an RDP configurated file, before you go and ban RDP files across the business, you can test whether the attack can actually penetrate or not. Many organisations have compensating controls.
“At the heart of most breaches is a security control that did not behave as expected, so it’s important to be able to quickly test whether they are resilient, aren't suffering from configuration drift and they haven't had a policy updated that could make them vulnerable.”
Cifarelli says there has been vagueness in the market regarding technologies in this space. He says Gartner has now defined continuous threat exposure management (CTEM) programs. Cymulate fulfils the CTEM program by offering powerful exposure management, without the need for extensive software deployment across the whole organisation.
He notes: “Businesses are demanding more context around threat exposure, by industry, locality and exposure risk. There's a lot of out-of-context remediation happening and organisations can no longer afford to have a 'defend against everything, everywhere', mentality.
“We’re helping customers discover which vulnerabilities are an actual threat to their network and what they are safe against today, not what they were protected from when referring back to a point in time assessment, such as a penetration test, from a few months ago,” Cifarelli says.
Cymulate is a Gold Sponsor of the ITWeb Security Summit 2025 in Cape Town, where Wesley Trollip, Cybersecurity Sales Engineer at Cymulate, will present a talk on advances in control validation and exposure management.
The Cape Town event will be staged at the Cape Town International Convention Centre on 27-28 May. The Johannesburg event will be held at the Sandton Convention Centre on 3-5 June.
For information and to register, visit https://www.itweb.co.za/event/itweb-security-summit-cpt-2025/.
Share