New ASM Offering Boosts an Organization’s Threat Exposure Management by Uniquely Prioritizing Clear, Deep, and Dark Web CTI Based on Each Organization’s Attack Surface
Key Takeaways:
Cyber threat intelligence (CTI) leader Cybersixgill has embedded an attack surface management module with its existing solution that automates and streamlines the discovery of unknown assets and systems to deliver real-time insights into an organization’s external threat exposure.
Cybersixgill’s market-leading CTI collects and exposes the earliest indications of risk as they surface on the clear, deep, and dark web. The addition of its new ASM module identifies exposures across known and unknown externally-facing enterprise assets and prioritizes treatment according to threat urgency, impact severity, and business criticality.
Cybersixgill’s new ASM module is immediately available as an add-on to its CTI solution for new and existing customers. For more information about the module, visit https://www.cybersixgill.com/products/attack-surface-management.
RSA Conference 2023, San Francisco, CA – April 24, 2023 - Cybersixgill, the global cyber threat intelligence data provider, announced today its new Attack Surface Management (ASM) solution, enabling the continuous discovery of unknown assets and systems to eliminate threat exposure blind spots and deliver complete visibility into an organization’s attack surface.
Combined with Cybersixgill’s market-leading threat intelligence from the clear, deep, and dark web, the company’s new ASM module enhances an organization’s cyber threat intelligence (CTI) program with business-specific relevance and critical attack surface context. As a result, the solution empowers security teams to prioritize urgent risks and hasten the mean time to detect and remediate incidents before they become costly attacks. The solution is particularly beneficial given the challenges facing security teams today: an ever-expanding attack surface, alert fatigue, a lack of skills and resources, and limited budgets.
According to a 2023 Gartner® report which mentions Cybersixgill as a Sample Vendor in the Threat Intelligence (TI) and Digital Risk Protection Services, Competitive Landscape: External Attack Surface Management, “TI products and services deliver knowledge, information and data about cybersecurity threats and other cybersecurity- related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce risk and the chance of being compromised.”1
“Cyber threat intelligence is fundamental for assessing and prioritizing organizational risk. Yet, without business context, the sheer volume of data that CTI solutions generate can be overwhelming,” said Gabi Reish, Chief Business Development and Product Officer for Cybersixgill. “The combination of Cybersixgill’s CTI solution and new ASM module gives customers vital organization-specific intelligence that enables preemptive threat exposure management and intelligence-driven automation to address the most critical cyber risks.”
Automated Threat Intelligence for Every Organization’s Unique Attack Surface
Cybersixgill’s ASM solution eliminates visibility blindspots and automates the discovery of the unseen, continuously mapping, scoping, and classifying unknown assets that could expose an organization to risk. Specifically, the solution includes several advanced features and capabilities, including:
Continuous External Asset Discovery
Automated, continuous discovery and mapping of unknown, externally-facing assets and systems connected to the organizational network, including domains and subdomains, IPs and hosts, software, CVEs, certificates, storage locations, and more.
Visibility into the vulnerabilities related to the organization’s supply chain and third parties to prioritize the risk exposure to the organization.
Additional flexibility, supporting the population of assets through manual or CSV upload, and integration with third-party CAASM, Vulnerability and Asset Management, and EASM solutions.
Asset Inventory Management
Insight into asset association, location, asset type, WHOIS and DNS context, connected assets, associated CVEs and software, and alerts.
User-defined asset classification according to business criticality, including customized labels and the ability to monitor each discovered asset and define the organization’s importance.
High-level overview and reports of all assets, including anomalies for specific asset types, to minimize potential risks.
Ability to differentiate and manage various assets for different organizations for MSSPs and other multi-tenant needs.
Threat Intelligence-Related Asset Monitoring
Immediately view asset-triggered alerts to potential exposures, categorized according to asset type.
Run threat hunting and incident response investigations based on an organization’s specific assets.
Directly link to Cybesixgill’s DVE vulnerability exploit intelligence module, identifying high-risk exploitable CVEs and the specific assets in the organization affected by those CVEs.
Advanced CVE patching prioritizations by combining the asset association of that CVE with threat intelligence and risk-related attributes in real-time.
About Cybersixgill
Cybersixgill continuously collects and exposes the earliest possible indications of risk produced by threat actors moments after they surface on the clear, deep, and dark web. This data is processed, correlated, and enriched using automation to create profiles and patterns of threat actors and their peer networks, including the source and context of each threat. Cybersixgill’s extensive body of data can be consumed through a range of seamlessly integrated to your existing security stack, so you can pre-empt threats before they materialize into attacks. The company serves and partners with global enterprises, financial institutions, MSSPs, and government and law enforcement agencies. For more information, visit https://www.cybersixgill.com/ and follow us on Twitter and LinkedIn. To schedule a demo, please visit https://www.cybersixgill.com/book-a-demo.
1 GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.