BreachLock Attack Surface Analytics strengthens enterprise CTEM capabilities


BreachLock strengthens continuous threat exposure management (CTEM) capabilities for enterprise customers with its new Attack Surface Analytics feature.

Time is of the essence when Fortune 500 security teams find themselves waking up to a Code Red vulnerability being actively exploited. When CISOs urgently request a detailed list of impacted assets, including those running a specific TLS version, which ports are being used, servers involved, and more, along with a patching strategy, that’s where BreachLock’s new Attack Surface Analytics Feature comes in.

BreachLock’s Attack Surface Analytics feature significantly reduces the time it takes for security teams to identify and mitigate inherent risks by enabling enterprise security teams to discover their expanding attack surfaces in real-time and run complex queries within minutes to discover gaps and create remediation plans.

The feature provides enterprise users with:

  • All relevant asset intelligence consolidated into a single, consolidated, cumulative view, with details on the correlation between domains, subdomains, IP addresses and ports, and associated technologies.
  • Visibility of inherent risk based on a selected domain and key risk indicators such as the presence of a disabled or enabled Web Application Firewall (WAF).
  • Vulnerable IP addresses and ports.
  • Technology and certificate analysis that analyzes and highlights deprecated technologies within a subdomain and provides detailed information on whether a subdomain has an effective security certificate, cipher suite used in the certificate, and TLS version to quickly spot and address outdated software that could contain inherent security risks.
  • User-friendly filtering capabilities that allow users to zero in on specific assets at a desired level of granularity to help prioritize risk management efforts on assets with the most critical vulnerabilities at the desired level of granularity.

The benefits of the new Attack Surface Analytics feature on the BreachLock are plentiful, but mainly, it strengthens enterprise CTEM capabilities by enabling security teams to:

  • Remediate and reduce risk faster with the easy-to-navigate analytics interface and a cumulative view of their Asset Discovery that guides users through the inherent risks associated with each asset.
  • Take quick and effective action with the ability to visualize asset relationships, combined with detailed analytics for each subdomain, IP address, and associated technology.
  • Make quick, strategic decisions with visual analytics that empower organizations to address risks more relationally to help ensure that no vulnerability slips through the cracks.

Commenting on the release of this advanced Attack Surface Analytics feature, BreachLock CEO, Seemant Sehgal, states “At BreachLock, our CTEM capabilities continue to evolve, empowering CISOs with more comprehensive and proactive tools for managing threats and exposures effectively.”

He further elaborates, “BreachLock is all about listening to our customers’ needs and providing innovative features that help them continuously secure their attack surfaces. We have introduced multiple new products and features over the past 10 months to strengthen our customers’ CTEM programs, and the release of our new Attack Surface Analytics feature represents a monumental step forward for our customers,” he explains, “as it enables them to significantly reduce the time it takes to identify and remediate risks.” Sehgal, adds, “This milestone is a reflection of the hard work of our dedicated team that has worked tirelessly to improve our technology by listening and working closely with our customers.”

In addition to its new Attack Surface Analytics feature, BreachLock introduced two new integration features in August 2024 for Microsoft Azure and ServiceNow (SNOW) to streamline the transfer of vulnerabilities found during scans directly to DevOps tools. GitHub has now been added to BreachLock’s platform for easy integration.

GitHub is important in the CI/CD pipeline, integrating with application security testing tools like DAST and SAST to ensure that every code push is tested for security flaws, providing real-time feedback to developers. By integrating shift left security earlier in the development process with GitHub workflows, it allows security teams to catch vulnerabilities before they reach production. GitHub makes it easy to track, assign, and manage vulnerabilities through issues and pull requests, allowing security teams to collaborate closely with developers by providing audit logs and code history.

Making GitHub integration available within the BreachLock Platform and our ASM and penetration testing enables security practitioners to automate security testing directly from their repositories. For example, security teams at BreachLock will push the vulnerabilities directly to the user’s development team so that they can fix the issues at the foundational level during development only.

By Integrating GitHub, Azure DevOps, and SNOW, BreachLock makes it easy to enhance workflows and efficiency. These integrations automate vulnerability data transfers, eliminate manual entry, reduce human error, and accelerate the overall security testing process. This allows security teams to focus on analysis and remediation rather than administrative tasks.

Together, these new features empower customers with tools to identify and visualize inherent risks within their organizations and to mitigate potential threats quickly allowing security practitioners to stay one step ahead of attackers.



Source link