Team NetSPI

More by Team NetSPI
NetSPI Hires EVP of Global Sales to Support Demand for its Proactive Security Solutions
February 14, 2024

Jim Pickering brings decades of experience leading cybersecurity companies through high-growth milestones to grow and develop NetSPI’s sales team.

Minneapolis, MN – February 14, 2024 – NetSPI, the proactive security solution, today welcomes Jim Pickering as EVP of Global Sales to further scale its sales team and accelerate the company’s product growth. NetSPI saw exponential growth in product sales in 2023 and is well poised to exceed its strategic growth goals moving forward. 

Jim has decades of experience building and leading enterprise sales teams in the cybersecurity industry. As a global business leader, he has earned an impressive track record for leading several companies through acquisitions, IPO, and funding rounds, including Swimlane, Infoblox, Fortinet, Netscreen/Juniper, Verisign, and Savvis. At these companies, Jim catapulted ARR and achieved double- and triple-digit annual revenue growth. 

“NetSPI exists to secure the most trusted brands on Earth. With Jim spearheading go-to-market efforts, we have an opportunity to make an even greater impact by delivering our proven proactive security solutions to more organizations across the globe,” shared Alex Jones, Chief Revenue Officer at NetSPI. “Jim has already embraced our customer-first mindset, and we cannot wait to see the impact he will make on our sales team.”

“NetSPI is an absolute unicorn. The fact that the team was able to grow revenue 42% and win over 400 new logos in 2023’s down economy is beyond impressive,” said Jim. “But what truly compelled me to join NetSPI is the strong culture and its commitment to deliver real solutions to real problems in the industry. Proactive security products that help defend today’s enterprises are paramount for the future.”

Connect with Jim on LinkedIn. Learn more about NetSPI’s achievements and momentum in its latest press release, NetSPI Achieves 42% Growth in 2023, Increasing Efficiency and Effectiveness of Customer Security Programs.  

About NetSPI 

NetSPI is the proactive security solution used to identify, protect, detect, and respond to security vulnerabilities of the highest importance, so businesses can protect what matters most. Leveraging a unique combination of advanced technology, intelligent process, and dedicated security experts, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before.  

NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence. In other words, NetSPI goes beyond for its customers, so they can go beyond for theirs.  

NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.   

NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. Follow NetSPI on LinkedIn and X.

Annual Pentest? Done. How Proactive Security Covers the Other 50 Weeks in a Year
February 13, 2024

Hear straight from NetSPI’s CEO Aaron Shilts and our new EVP of Strategy Tim MalcomVetter as they discuss a range of proactive security topics. Tim's extensive background as a security analyst, pentester, director of Red Team, and chief technology officer for leading global companies brings a wealth of insights to the table. With a track record of hacking diverse systems, from mainframes to APIs to mobile and IoT devices, Tim offers a unique perspective on the evolution of proactive security measures.  

Read on for the highlights or watch the webinar for the full conversation.

What is Proactive Security?  

Tim frames proactive security as a question of continuity beyond isolated engagements such as an external penetration test. A pentest typically lasts a few days to a couple of weeks, which raises the question: what measures are in place during the remaining 50 weeks of the year?

With your attack surface expanding and the perimeter continually evolving, your security controls face relentless scrutiny. Gaining insight into external-facing assets, vulnerabilities, and exposures presents a noisy and time-consuming challenge for security teams. Furthermore, even upon identifying validated vulnerabilities, ensuring that your security stack effectively detects and mitigates them poses another hurdle.

External pentesters have a knack for spotting anomalies that might otherwise go unnoticed, and acting on them quickly matters, because those anomalies are often the footholds that lead to breaches. Proactive security is therefore about outpacing the threat. SOC work is relentless and demands constant vigilance; the goal is to bring that same discipline to the findings pipeline, so critical issues are addressed promptly and less time is wasted on noise.

You may find yourself considering these common questions about your organization's security stance:  

  1. Where are my vulnerabilities?  
  2. Can I maintain continuous awareness of them?  
  3. What aspects can I monitor effectively, and is my team equipped to respond promptly?  

These are key questions to surface internally to help define a path forward toward proactive security.

Watch the Q&A on Proactive Security 

Watch the full webinar with Aaron and Tim!  

Tim's impressive background in various security roles, coupled with his extensive experience in hacking diverse systems, adds depth and expertise to the discussion. Take the next step in enhancing your organization's security posture by contacting NetSPI for a consultation. 

NetSPI Achieves 42% Growth in 2023, Increasing Efficiency and Effectiveness of Customer Security Programs
January 31, 2024

Proactive security leader continues discovering and prioritizing security vulnerabilities of the highest importance to its customers, allowing them to innovate with confidence.

Minneapolis, MN – January 31, 2024 – NetSPI, the proactive security solution, today announced another monumental fiscal year, achieving 42% year-over-year growth in 2023. This growth is attributed to the company’s unique ability to integrate its advanced technology, intelligent processes, and dedicated consultants, which together contextualize the security vulnerabilities that matter most to customers. Powered by these capabilities, NetSPI identified 8,500 vulnerable entry points and more than 17,000 critical issues for its customers in 2023 alone.

Through continued innovation and dedication to its customers, NetSPI added more than 400 new logos to its roster in 2023, a more than 30% year-over-year increase. The company also grew its internal team by 26%, including a strategic expansion into the Europe, Middle East, and Africa (EMEA) market.

“In today’s turbulent market, organizations are being asked to do more with less, and as a result, cybersecurity is often sacrificed. But it doesn’t have to be this way,” said Aaron Shilts, CEO of NetSPI. “Through our proactive security solutions, we’re delivering greater operational efficiency and security program effectiveness to our customers, prioritizing the vulnerabilities that truly impact the business and scaling alongside them. This allows our customers to innovate with confidence and protect the trust they’ve built with their customers.” 

Throughout the year, NetSPI unveiled strategic partnerships and innovations that further cemented the company as a leader in proactive security. Notable milestones include: 

Introducing a First-of-its-Kind AI/ML Penetration Testing Offering 

As artificial intelligence (AI) became more ingrained in business operations over the past year, NetSPI listened to customer needs and launched a first-of-its-kind AI/ML Pentesting solution. It focuses on two core components: Identifying, analyzing, and remediating vulnerabilities on machine learning (ML) systems such as Large Language Models (LLMs), and providing advice and real-world guidance to ensure security is considered from ideation to implementation.  

Launching a Cyber Protection Partnership with Chubb 

NetSPI strategically partnered with Chubb, a leading publicly traded property and casualty insurance company, to strengthen customer cyber-risk profiles via advanced attack surface management and penetration testing solutions. The collaboration provides Chubb customers with peace of mind, enabling them to identify vulnerabilities, security issues, and exposure to risk before it escalates into a claim. 

Embracing the Power of BAS and ASM 

NetSPI’s Breach and Attack Simulation (BAS) and Attack Surface Management (ASM) offerings gained significant momentum in 2023, with increased customer adoption and continuous development of both solutions. Drawing on intelligence gathered from thousands of pentests, combined with the company’s deep understanding of the tactics, techniques, and procedures (TTPs) used in the wild, NetSPI BAS and ASM are continuously updated and complement PTaaS to provide full proactive security coverage.

In 2023, the BAS platform was recognized as the “Breach and Attack Simulation Solution of the Year” by the Cybersecurity Breakthrough Awards and as the “Cutting Edge Breach & Attack Simulation” by Cyber Defense Magazine’s Top InfoSec Innovators Awards. These recognitions underscore the value of in-depth detective control validation and the impact continuous testing can have on organizations and on the industry overall.

Scaling the NetSPI Partner Program to New Heights 

In 2023, NetSPI achieved a 31% year-over-year increase in partner-sourced revenue and more than doubled the number of partners in its program. To meet the increased interest and nurture existing relationships, NetSPI has added four new channel experts to help lead the Partner Program, including Steve Baral, Vice President of Strategic Alliances and MSSP.  

Moving to New HQ to Accommodate Growth 

Prompted by increasing employee headcount and the need for a more collaborative workplace as the company continues to experience rapid adoption, NetSPI moved its headquarters to the Steelman Exchange building in North Loop, Minneapolis. The larger, dynamic space will support NetSPI’s growth as it enters a momentous year. 

For more information about NetSPI’s proactive security solutions, visit www.netspi.com.   

About NetSPI 

NetSPI is the proactive security solution used to discover, prioritize, and remediate security vulnerabilities of the highest importance, so businesses can protect what matters most to them. Leveraging a unique combination of advanced technology, intelligent process, and dedicated consultants, NetSPI helps security teams take a proactive approach to cybersecurity with more clarity, speed, and scale than ever before. 

NetSPI goes beyond the noise to deliver high impact results and recommendations based on business needs, so customers can protect their priorities, perform better, and innovate with confidence. In other words, NetSPI goes beyond for its customers, so they can go beyond for theirs. 

NetSPI secures the most trusted brands on Earth, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500.  

NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. Follow NetSPI on Facebook, X, and LinkedIn.  

NetSPI Media Contacts:
Tori Norris, NetSPI
victoria.norris@netspi.com
(630) 258-0277

Jessica Bettencourt, Inkhouse for NetSPI
netspi@inkhouse.com
(774) 451-5142

5 Criteria for Evaluating External Attack Surface Management Vendors
January 30, 2024

As your company’s external attack surface expands and threat actors remain relentless, Attack Surface Management (ASM) solutions can help level up your proactive security measures by enabling continuous pentesting. Thoroughly vetting and comparing different ASM providers is essential to selecting one that best aligns with your business needs and overarching security goals.  

What to Look for When Evaluating External Attack Surface Management Providers  

To simplify the process of evaluating attack surface management vendors, we’ve identified five important criteria to look for when comparing different companies.  

1. Proven Reputation and Third-Party Validation 

Vendors new to the attack surface management space may not have enough experience tailoring their platform for greater business needs. Selecting a tenured vendor with a history in ASM can offer benefits such as streamlined processes, quick access to support teams, and proven methods to improve security. 

Look for attack surface management providers that have received recognition from trusted third parties such as Gartner® or Forrester. Expert analysts at these and other research and advisory firms perform a factual review of information from technology providers to recognize solutions that demonstrate innovation.

As part of this research, Forrester included NetSPI in its External Attack Surface Management Landscape Report featuring top EASM vendors, and Gartner featured NetSPI in its EASM Competitive Landscape Report.

Gartner shared the following about NetSPI in the report:

NetSPI differentiates by combining its ASM capability with its human pentesting expertise. This is achieved via the attack surface operations team, who manually test and validate the exposures found. As a result, it reduces alert fatigue and false positives, while providing customers only the critical and high exposures relative to their organization, as well as the support on how to remediate said exposures.

2. Critical Functionality 

Depending on your business needs and use cases for choosing an ASM platform, some functionalities may be more important than others. 

In The External Attack Surface Management Landscape, Q1 2023, Forrester listed several core functionalities to look for in attack surface management platforms, including:

  • External/internet-facing asset discovery 
  • Asset identification 
  • Asset and business relationship mapping 
  • Active and passive vulnerability scanning 
  • Open ports and services monitoring 
  • URL and IP range tracking 
  • Certificate monitoring 
  • Exposure/risk prioritization 
  • Custom dashboarding and reporting  

3. Screenshots and Software Demos of the Platform  

Trusted attack surface management providers have screenshots of the platform readily available so prospective customers can see what the platform and key functionalities look like firsthand.

Here’s a screenshot of the Signal Dashboard from NetSPI’s ASM platform. It shows that the NetSPI ASM Operations team has reviewed 1.21k assets, discovered 285 new assets, and reviewed 232 vulnerabilities.

In addition to screenshots, having the option to take an ASM platform for a test drive through a guided demo or webinar is an important step before selecting an ASM vendor. This option can enable your team to experience the platform, ask specific questions about capabilities, and better understand feature differentiators between tools.

4. Human Analysis and Guidance  

In addition to advanced functionality, human analysis and expertise are essential considerations when evaluating attack surface management companies. With human analysis, the vendor’s ASM operations team manually reviews and validates findings, which reduces false-positive alerts and the business disruption they cause. The team also answers questions about findings and provides guidance for remediation.

One challenge businesses often face is that security or IT teams need to hire a dedicated employee to manage an ASM solution on top of investing in the solution itself, which drives up costs including hiring, training, and salary. In fact, our 2023 Offensive Security Vision Report found that one of the greatest barriers to improved offensive security is a lack of resources.  

With a user-friendly ASM platform powered by human expertise, an entire team is available to triage alerts, so you don’t need to add additional responsibilities or headcount to your team.

5. Simple Onboarding  

Some attack surface management companies require time-intensive setup and onboarding, which can take several hours of your team’s time and can push back the timeline of full platform implementation by weeks.

As you consider different ASM platforms, look for one with a streamlined or automated onboarding process, on-demand training materials, a user-friendly design, easy to digest dashboards, and human support as-needed during the onboarding process. Seamless onboarding can help ensure you start off on the right foot with an ASM vendor and accelerate time to value.

Types of Attack Surface Management Vendors 

A few different types of ASM vendors are available:

Human-based ASM. With this type of vendor, expert human pentesters conduct penetration testing and vulnerability assessments of the external network, typically on a quarterly basis.

Technology-driven ASM. These solutions rely on tools or scanners that review the full attack surface (the assets a business has on the Internet) and use scores to prioritize findings for remediation.

Hybrid ASM. A hybrid approach combines human intuition and analysis with automated technology to identify vulnerabilities more effectively and filter prioritized alerts.

A hybrid vendor is the most impactful option: human verification of automated results means only the most relevant alerts reach your team, which gives the best return on your cybersecurity investment.

Questions to Ask Attack Surface Management Vendors 

To effectively evaluate an ASM solution and select the right partner that aligns with your business requirements, develop a standardized list of questions to ask each vendor before making a decision.

Questions to consider asking include: 

  • Do you offer a human-based, technology-driven, or hybrid approach to attack surface management? 
  • How often are tests conducted? 
  • Do you offer continuous pentesting? If so, how do you approach it? 
  • How broad and up-to-date is the data?  
  • How soon do new assets appear and get recognized by the ASM tool? 
  • Do you support exposure remediation once vulnerabilities are discovered? How? 
  • Do I have access to all of my scan data if needed?  
  • What does the onboarding process look like? How much time is required of my team?  
  • What’s your process for managing and prioritizing alerts? 
  • How will you help me understand the most critical assets or vulnerabilities on my attack surface? 
  • What are the critical risk factors most likely to impact the business?  
  • Who are the potential attackers threatening my business?  
  • Which vulnerabilities are the most important to prioritize with remediation?  
  • Which exposures are threat actors most likely to exploit? 

Partner with NetSPI for the Most Comprehensive ASM Capabilities  

The right attack surface management provider can help your organization manage its attack surface more effectively and quickly identify and remediate vulnerabilities.

If you’re looking for an ASM platform that includes all the criteria listed above – and more – NetSPI has you covered. We built our attack surface management platform on three essential pillars of ASM: human expertise; always-on, continuous pentesting; and risk prioritization.

Some of the benefits of selecting NetSPI as your attack surface management provider include:  

  • Simple setup and onboarding  
  • Comprehensive asset discovery  
  • Manual triaging of exposures  
  • Prioritized alerts 

Learn more about how we can improve your offensive security together by watching a demo of our ASM platform. Also take our free attack surface management tool for a test drive and search more than 800 million public records for potential attack surface exposures.

SC Media: Three ways enterprises can activate vulnerability prioritization
January 17, 2024

NetSPI's Vinay Anand was featured in SC Media, talking about the value of vulnerability prioritization and how organizations can take back control of their environments to address the most urgent and unpatched vulnerabilities in three easy steps. Read the preview below or view it online.

+++

Today’s security teams are witnessing a rising number of vulnerabilities, and to make matters worse, the majority of them are going unpatched — leading to critical breaches that cost organizations millions.

Unpatched vulnerabilities account for 60% of all data breaches, and according to the NIST National Vulnerability Database, vulnerability counts have steadily increased year-over-year for the past five years — showing no signs of slowing down.

The main reason for this steady incline is that organizations do not understand the basics of their attack surface. Additionally, too much of the burden has been put on CISOs. This pressure, in combination with the ongoing talent shortage facing the cybersecurity industry, has driven CISOs to say: “I’ll manage the fires when they come up. I can’t do anything to prevent them now.” However, with proper guidance and resources, that statement is simply untrue.

You can read the full article here!

[post_title] => SC Media: Three ways enterprises can activate vulnerability prioritization [post_excerpt] => NetSPI's Vinay Anand was featured in SC Media, talking about the value of vulnerability prioritization and more. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => sc-media-three-ways-enterprises-can-activate-vulnerability-prioritization [to_ping] => [pinged] => [post_modified] => 2024-02-13 17:27:07 [post_modified_gmt] => 2024-02-13 23:27:07 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31881 [menu_order] => 9 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [5] => WP_Post Object ( [ID] => 31587 [post_author] => 91 [post_date] => 2024-01-08 15:45:50 [post_date_gmt] => 2024-01-08 21:45:50 [post_content] =>

In case you missed it, Chubb, one of the leading publicly traded property and casualty insurance companies, announced an innovative collaboration with NetSPI to strengthen client cyber-risk profiles via enhanced attack surface management and penetration testing solutions.

What started as a penetration testing program for Chubb has evolved into a partnership in which NetSPI will help Chubb cyber insurance clients proactively assess and mitigate risks that could lead to claims. Core benefits Chubb clients receive as a part of the collaboration include:

  • Preferred pricing on Attack Surface Management (ASM), Breach and Attack
    Simulation (BAS), and Penetration Testing as a Service (PTaaS). Plus, select clients will be able to access the ASM platform at no cost.
  • The resources and expertise to stay resilient throughout the lifecycle of their policy which will, in turn, improve and inform the underwriting process for renewals.
  • Access to 280+ expert penetration testers across the globe for tailored proactive security solutions to support any size business across all industries.

Want to delve deeper into what this partnership means for security teams and how it will impact the future of the cyber insurance industry? Hear first-hand from Chubb in this video, and read the Q&A below, featuring Chubb Cyber Intelligence Officer Craig Guiliano and NetSPI CEO Aaron Shilts.

https://youtu.be/m-bjB_rL4LI?si=jn9OF0Le_pJ9evCf

What is proactive security? And why must it be prioritized across the greater security community?

Craig Guiliano: Proactive security, quite simply, is trying to identify exposures before a threat actor, but often from the point of view of the threat actor. By taking a proactive approach, you could mitigate the exposure before a threat actor can exploit it. Through Chubb’s partnership with NetSPI, Chubb policyholders in the U.S. and Canada can take advantage of NetSPI's full portfolio of proactive security solutions, including Breach and Attack Simulation (BAS), Attack Surface Management (ASM), as well as a suite of comprehensive penetration testing offerings, at preferred pricing, subject to applicable insurance laws.

Aaron Shilts: Proactive security is at the core of NetSPI’s DNA. It’s the combination of security activities that ultimately mitigate the risk of a security incident or breach. Pentesting, red teaming, breach and attack simulation, and external attack surface management all contribute to a well-rounded program. For those who follow NIST’s cybersecurity framework, these activities fall within the Identify and Protect functions at the framework’s core. We’re eager to help Chubb clients activate proactive security so that they can gain visibility into which critical assets must be protected to ensure business continuity, accurately discover exposures and vulnerabilities, and break through the noise to prioritize remediations. It’s essentially the first line of defense against adversaries – and an incredible opportunity to build trust with customers.

How will this program impact Chubb clients and, more generally, those seeking cyber insurance? 

Craig Guiliano: Chubb is now able to provide our Cyber insurance policyholders across all segments access to NetSPI’s enterprise-class offensive security services to help them mitigate cyber threats and exposures. NetSPI has developed a customized set of services for Chubb clients that are particularly geared towards smaller companies, in addition to preferred pricing for any of NetSPI’s services. For companies with annual revenues over $100m seeking cyber insurance, Chubb will be leveraging NetSPI’s Attack Surface Management platform to proactively perform a scan to identify vulnerabilities and/or exposures before they could be exploited by a threat actor.

Aaron Shilts: Chubb’s commitment to helping their clients mitigate risks that could lead to a claim should be applauded. Chubb is setting a high standard in the insurance industry by offering the resources necessary to stay resilient throughout the policy lifecycle – and beyond. NetSPI shares the same commitment by being hyper-focused on helping organizations discover, prioritize, and remediate security issues, before it’s too late. Whether we’re alerting to high-impact attack surface exposures, facilitating deep-dive, comprehensive pentests in your critical environments, fine tuning detections to prevent ransomware, or anything in between, we’re thrilled to have this opportunity to bring our team, expertise, and technology to Chubb’s customer base so they can continue to innovate with confidence.

Why now? How has the cyber landscape changed, prompting a program like this?

Craig Guiliano: Cyber insurance must evolve because the cyber threat landscape is constantly changing. Attack surfaces are growing, and as they grow, the opportunities for threat actors to find new exposures to exploit increases. Chubb is always looking to assist our customers in avoiding cyber threats, because a cyber incident can not only be disruptive, but for many businesses, it could be devastating.

Aaron Shilts: Security leaders today are faced with a seemingly impossible task of keeping pace with the rate of change and innovation. And that rate is only increasing with the advancements in machine learning and adoption of large language models (LLMs), among other emerging technologies. Now is the time for organizations to double down on their proactive security to continuously evaluate and improve their security posture alongside innovation. This program is a great reminder that security should not be an afterthought.

Why did Chubb select NetSPI as its proactive security partner?

Craig Guiliano: In my career, I’ve worked with several proactive security vendors, including NetSPI, and NetSPI consistently delivered high-quality assessment results. They understand the importance of not only identifying risks and exposures, but of ensuring the customer understands the exposure and mitigation options. The NetSPI team also quickly understood what we were trying to accomplish from a cyber underwriting standpoint, and rapidly developed a tailored Attack Surface Management (ASM) solution for Chubb and our clients that provides a level of visibility that can help identify exposures and risks before they escalate to a claim.

Are you a cyber insurer looking to bring added value to your policyholders and help them mitigate the risk of claim? Get a conversation started with our partnerships team.

[post_title] => [Q&A] Chubb Cyber Insurance Clients Activate Proactive Security with NetSPI [post_excerpt] => Learn about Chubb and NetSPI’s recent collaboration which helps cyber insurance clients activate proactive security. Read this Q&A! [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => chubb-cyber-insurance-clients-activate-proactive-security [to_ping] => [pinged] => [post_modified] => 2024-01-08 15:45:50 [post_modified_gmt] => 2024-01-08 21:45:50 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31587 [menu_order] => 12 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [6] => WP_Post Object ( [ID] => 31728 [post_author] => 91 [post_date] => 2024-01-08 09:00:00 [post_date_gmt] => 2024-01-08 15:00:00 [post_content] =>

The past year certainly had no shortage of cybersecurity firsts. From the emergence of the MOVEit vulnerability to the wide adoption of ChatGPT and its associated security risks, nearly every industry was impacted by cyber threats. These major trends throughout the year have kept security professionals on their toes—pushing practitioners to stop playing defense against malicious actors and shift to a more proactive approach to security.  

As we look toward 2024, some aspects will remain the same, such as persistent ransomware and cloud-based attacks, as well as AI creating a larger attack vector for cybercriminals. The shift, however, will be in how the cybersecurity industry—and specifically, IT security vendors—helps customers transition to being more proactive against cyber threats. We asked our global team to weigh in on the trends they anticipate shaping the new year and what will help push the need for proactive security. Here’s what they had to say.

AI and Large Language Models (LLMs) are at the proverbial tip of the iceberg.

“What we saw with AI and LLMs, and given the amount of investment that has gone into progressing this technology, I expect to see rapid innovation in all aspects of LLM usage in 2024—specifically at the foundational level, such as scale and efficiency. More importantly, we will see the emergence of very impactful use cases in industry verticals such as healthcare, learning, manufacturing, and automation.

We will also see increased adoption of LLMs for the edge—LLMs, and AI will go where the data resides or is generated as opposed to aggregating all the data to a centralized location. This adoption will accelerate exponentially in addressing some of society’s most complex and urgent problems. Furthermore, I expect more solutions and regulations to emerge to grant organizations the confidence and guidance they need to use these powerful tools effectively and in a trustworthy manner.” 

The best security program requires a combination of purpose-built, automated technology and human intuition and intelligence.

Nabil Hannan
Field CISO

“We’re still facing a deficit of cybersecurity professionals globally. The skills shortage will ultimately be the bottleneck impacting the effectiveness of cybersecurity initiatives. Additionally, budgets and investments into proactive security training and procurement are being put on hold, so businesses, in turn, are limiting their ability to improve their cybersecurity posture. That needs to flip in 2024 as organizations that fail to keep pace with the rate of transformation in the industry will inevitably falter, as the human element is still the weakest link in today’s cyber ecosystem.”

A politically focused year will spark more nation-state attacks.

Nick Walker
Regional Director, EMEA

“As we enter 2024, notably an election year for many, political situations will likely lead to more nation-state attacks against critical and national infrastructure. A politically focused year, along with increasing usage of technologies such as Artificial Intelligence (AI), will require businesses to lean towards establishing strong and efficient spending, along with more software-based solutions that empower an ‘always on’ mindset to combat today’s threat landscape.”

Regulations will continue to progress, but insider threats remain the biggest roadblock to securing the software supply chain.

Tyler Sullivan
Senior Security Consultant

“The U.S. has made strides in cybersecurity legislation and guidance in 2023. Most notably, CISA announced its Open-Source Software (OSS) security roadmap, and the U.S. partnered with Japan, India, and Australia to strengthen software security for governments. Collaborative work like this will drive security forward for nations that may not have security maturity. 

The new SEC guidelines are essential in the evolving cybersecurity landscape. The SEC puts more pressure on organizations to create more robust security practices. Regulations are not always flawless, though: the guidelines require disclosures within four days of an incident being declared ‘material,’ and this short time frame could open up loopholes regarding incident categorization. However, it’s a step in the right direction. In the new year, I would expect more urgency in legislation, including continued pressure on software suppliers themselves, to keep up with the ever-increasing risk of the software supply chain.”

Teams must keep pace with digital transformation to ensure cloud security.

Karl Fosaaen
VP of Research

“Across industries, even with workloads shifting to the cloud, organizations suffer from technical debt and improper IT team training – causing poorly implemented and architected cloud migration strategies. In 2024, IT teams will look to turn this around and keep pace with the technical skills needed to secure digital transformations. Specifically, I expect to see IT teams limit account user access to production cloud environments and monitor configurations for drift to help identify potential problems introduced with code changes.  

Every cloud provider has, more or less, experienced public difficulties with remediation efforts and patches taking a long time. I anticipate seeing organizations switch to a more flexible deployment model in the new year that allows for faster shifts between cloud providers due to security issues or unexpected changes in pricing. Microsoft’s recent ‘Secure Future Initiative’ is just the start to rebuild public trust in the cloud.”  

The year 2024 will undoubtedly be a rollercoaster for the cybersecurity industry, but we hope these insights help organizations get on the offense and remain vigilant against growing threats. Here’s to a more secure, collaborative, and proactive new year!

[post_title] => 5 Cyber Trends to Expect in 2024 [post_excerpt] => It's time to move from defense to offense in 2024. Our cybersecurity experts predict AI-powered attackers and proactive vendors leading the trends. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => 5-cyber-trends-to-expect-in-2024 [to_ping] => [pinged] => [post_modified] => 2024-01-05 16:44:18 [post_modified_gmt] => 2024-01-05 22:44:18 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31728 [menu_order] => 13 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [7] => WP_Post Object ( [ID] => 31749 [post_author] => 91 [post_date] => 2024-01-04 09:00:00 [post_date_gmt] => 2024-01-04 15:00:00 [post_content] =>

On January 4, 2024, NetSPI's Field CISO Nabil Hannan contributed an article to Information Week on the rise of deepfakes, how they're used, and how they affect the security landscape. Read the preview below or view the full story online.

+++

Deepfakes are increasingly popular as a modern technology phenomenon, gaining popularity primarily because the source code and software to create them have become readily available to the public.

At the same time, recent data indicates general awareness around deepfakes continues to increase, especially as high-profile figures like Mark Zuckerberg are mimicked through the technology. However, while deepfakes are not so new anymore, questions remain around the practical applications of using a deepfake as an attack vector, how easy it is to perform this kind of attack, and what they mean for our security.

You can read the full article at https://www.informationweek.com/machine-learning-ai/the-rise-of-deepfakes-and-what-they-mean-for-security.

[post_title] => Information Week: The Rise of Deepfakes and What They Mean for Security [post_excerpt] => NetSPI's Field CISO Nabil Hannan contributed an article to Information Week on the rise of deepfakes, how they're used, and how they affect the security landscape. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => information-week-the-rise-of-deepfakes-and-what-they-mean-for-security [to_ping] => [pinged] => [post_modified] => 2024-01-09 12:35:28 [post_modified_gmt] => 2024-01-09 18:35:28 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31749 [menu_order] => 11 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [8] => WP_Post Object ( [ID] => 31660 [post_author] => 91 [post_date] => 2023-12-28 09:00:00 [post_date_gmt] => 2023-12-28 15:00:00 [post_content] =>

Buckle up, rewind, and get ready for NetSPI’s reveal! Before we dive into the new year, we’re taking a moment to reflect on 2023—a year that passed by in a blur of milestones and moments. 

It was a year that demanded resilience, adaptability, and maybe a few extra cups of coffee. But amidst the whirlwind, there were triumphs, breakthroughs, and moments of sheer celebration on our team that made this year one to remember. 

Grab a warm cup of cheer, pull up a comfy chair, and join us as we rewind the track on 2023 through our favorite team moments, the resources that helped us thrive, and a much-needed reminder that even the most fast-paced years are worth slowing down to celebrate.

Our Favorite #TeamNetSPI Moments 

Marking milestones and welcoming new furry faces was all part of an exciting 2023 for our team. 

1. Celebrating our new headquarters 

Skyline views are on the horizon as we officially plant our flag at our amazing new headquarters. 

2. Officially passing 500 team members

Our team raced past 500 people in January, and is quickly approaching the next milestone, proving that we accomplish more together than we ever could apart. 

3. Welcoming Jersey to the NetSPI team

As the only four-legged member of our team, Jersey supports children and families during their time at the Masonic Children's Hospital's Institute for the Developing Brain. 

Top Educational Resources 

Building a more secure world starts with education. Our top resources this year spanned from Blockchain to Attack Surface Management.

1. Offensive Security Vision Report 2023 

Our top resource in 2023 was NetSPI’s Offensive Security Vision Report, a first-hand study that summarizes the top vulnerabilities by attack surface and much more.

2. 5 Blockchain Security Fundamentals Every C-Suite Needs to Know 

Dive into blockchain security! This eBook shares how major companies are using distributed ledger technology (DLT) today and the importance of security planning for blockchain operations. 

3. How to Use Attack Surface Management for Continuous Pentesting

Point-in-time testing is so 2023. In this article, we explain how the shift to proactive security is rooted in always-on monitoring of known and unknown internet-facing assets.

Technical Articles the Industry Loved 

Technical articles reign supreme. 👑 Here are the top three technical articles our audience loved in 2023. 

1. Abusing Entra ID Misconfigurations to Bypass MFA

Explore Entra ID with Kyle Rozendaal. While conducting an Entra Penetration Test, we discovered a simple misconfiguration in Entra ID that allowed us to bypass MFA. 

2. Escalating Privileges with Azure Function Apps 

Dive into privilege escalation with Karl Fosaaen. See how undocumented APIs used by the Azure Function Apps Portal menu allowed for directory traversal on the Function App containers. 

NetSPI Finds Privilege Escalation Vulnerability in Azure Function Apps

3. Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps by Karl Fosaaen

In research repurposed from our DEF CON Cloud Village talk (What the Function: A Deep Dive into Azure Function App Security), Thomas Elling and Karl Fosaaen stumbled onto an extension of the existing research in the article above, Escalating Privileges with Azure Function Apps.

Most Listened to Podcast Episodes 

Our mics were on fire this year! Tune in as we revisit the top podcast episodes that sparked debates, hit on industry best practices, and left you wanting to hit "repeat" on cyber defense. 

1. Episode 055: Teaching Next Gen Cybersecurity Leaders with Neil Plotnick 

Gear up for the future of cyber with Agent of Influence! In this episode, NetSPI’s Field CISO and host of the podcast Nabil Hannan tackles a pivotal topic: cybersecurity education. He's joined by Neil Plotnick, a high school educator on the front lines as they dissect modern curriculum, student attitudes towards online data, and the crucial question: how do we cultivate the next generation of cyber defenders? 

2. Hack Responsibly: Riding the Azure Service Bus (Relay) into Power Platform with Scott Sutherland and Karl Fosaaen

On the inaugural episode of Hack Responsibly, we crack open the vault on Azure security with special guest, security consultant Jake Scheetz. Join the crew as they dissect Nick's noteworthy vulnerability disclosure: a cross-tenant Azure exploit in Power Platform Connectors. 

https://www.youtube.com/watch?v=2kEHf9s596k

3. Leading with FUN Instead of FUD with Tim Derrickson

Hold onto your hats—fun times and security insights are ahead! Nabil hosted guest Tim Derrickson, Director of IT and Security Services at One Step Secure IT, for a discussion on dropping the tone of Fear, Uncertainty, and Doubt (FUD) and injecting some much-needed fun into the cybersecurity conversation. 

Webinars that Captured Attention 

These webinars rose above the noise, giving our viewers tangible insight into NetSPI’s proactive security solutions, including Breach and Attack Simulation (BAS) and Attack Surface Management (ASM). 

1. Product Pulse: Demo of Breach and Attack Simulation (BAS)  

Hear from Spencer McClain as he guides you through our BAS platform demo and shares some of our favorite customer success stories. 

2. ASM In Action: NetSPI’s Attack Surface Management Demo 

See NetSPI’s ASM platform in action as Scott Henderson walks you through its ability to improve visibility, inventory, and understanding of known and unknown assets and exposures. 

3. Keeping Up with Medical Device Cybersecurity: Q&A with Product Security Leaders at Medtronic, Abbott, and MITRE 

Hear from medical device security leaders as they share best practices on compliance, updatability, vulnerability management, and more in this panel discussion. 

As we raise a toast to the year's successes and lessons learned, we can't help feeling excited about the year to come. 2024 promises to be an adventure, and NetSPI is ready to tackle the challenges in stride. 

Get our best resources hand-picked for you. Want access to proactive security insights, industry takes, and a front-row seat to our 2024 game plan? Sign up for our monthly newsletter!  

[post_title] => NetSPI [Un]Wrapped: Our Top Hits from 2023  [post_excerpt] => NetSPI rewinds the track on 2023! Take a break as we revisit favorite moments and resources from the year. [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => netspi-unwrapped-top-hits-from-2023 [to_ping] => [pinged] => [post_modified] => 2023-12-22 13:09:16 [post_modified_gmt] => 2023-12-22 19:09:16 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31660 [menu_order] => 15 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [9] => WP_Post Object ( [ID] => 31650 [post_author] => 91 [post_date] => 2023-12-21 09:09:27 [post_date_gmt] => 2023-12-21 15:09:27 [post_content] =>
NetSPI’s Partner Program heads into 2024 poised for another record-breaking year.

Minneapolis, MN – December 21, 2023 – NetSPI, the global leader in proactive security, today celebrates the achievements of its Partner Program in 2023, which experienced double-digit growth. This year, the company achieved a 30 percent year-over-year increase in partner-sourced revenue and doubled the number of opportunities. New partners have also more than doubled in 2023, with over 70 percent of NetSPI’s active partners having joined since the launch of the new Partner Program. In 2023 NetSPI gained 86 new partners, including Optum, Defy Security, and BMC.

To fulfill the interest and momentum and nurture existing relationships, the internal partner team at NetSPI added four new team members, including Steve Baral, VP of Strategic Alliances and MSSP. Partner co-marketing and thought leadership opportunities have also increased significantly, with more than 5x joint or partner-facing activity over the past 12 months. Activity included events in the US and EMEA, webinars, blog collaborations, and podcasts.

As 2023 draws to a close, NetSPI reflects on the strategic collaborations and synergies that have propelled its Partner Program to new heights. It is an exciting time to partner with NetSPI, as the program is positioned for another record-breaking year ahead. 

Empowering More Partners 

To continue this growth, the partner team at NetSPI is focused on empowering more partners in 2024. Lauren Gimmillaro, VP of Business Development and Strategic Alliances, is preparing to launch a new partner portal in January that will represent NetSPI’s deepening commitment to a partner-centric business model, providing growth opportunities for partners of all sizes, worldwide.  

“The performance we’ve seen from our partner community this year has been encouraging,” said Lauren. “It represents an opportunity for scale as we move into a more automated deal registration process for our partners, more on-demand enablement, and customizable resources for more strategic outreach.”  

The NetSPI Partner Program is also expanding to support more partner types, including MSSPs and Cyber Insurance Partners. “We recently announced a partnership with Chubb, one of the leading publicly traded property and casualty insurance companies,” Steve Baral, VP Strategic Alliances & MSSP, shared. “Through this partnership, Chubb customers gain access to NetSPI’s proactive security solutions, including complimentary access to our Attack Surface Management (ASM) platform.” This ASM offer is part of Chubb’s Cyber Services Program, designed to enable Chubb’s customers to proactively strengthen their security posture and mitigate risk of a claim. To read more about the partnership with Chubb, please visit https://www.netspi.com/news/press-release/chubb-cyber-insurance-partnership/.  

Celebrating Partner of the Year Awards 

In addition to its growth achievement, NetSPI today announced its Partner of the Year Award recipients. The awards recognize the invaluable contributions of the company's growing partner network. Honorees include CompuNet as US Partner of the Year, Softcat as EMEA Partner of the Year, Enduir as New Partner of the Year, and ReliaQuest as Tech Partner of the Year. To read the full Partner of the Year announcement, please visit https://www.netspi.com/blog/executive/partners/partner-awards-2023.

To learn more about the NetSPI Partner Program, or inquire about becoming a partner, visit https://www.netspi.com/partners/.

About NetSPI

NetSPI is the global leader in proactive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity, NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts secure the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India.

Media Contacts: 
Tori Norris, NetSPI 
victoria.norris@netspi.com
(630) 258-0277  

Jessica Bettencourt, Inkhouse for NetSPI 
netspi@inkhouse.com
(774) 451-5142

[post_title] => NetSPI Celebrates Momentous Year for its Partner Program, Achieves 30% Growth in 2023  [post_excerpt] => NetSPI celebrates a year of achievements and growth with their partner community [post_status] => publish [comment_status] => closed [ping_status] => closed [post_password] => [post_name] => partner-program-growth-2023 [to_ping] => [pinged] => [post_modified] => 2023-12-21 09:09:28 [post_modified_gmt] => 2023-12-21 15:09:28 [post_content_filtered] => [post_parent] => 0 [guid] => https://www.netspi.com/?p=31650 [menu_order] => 17 [post_type] => post [post_mime_type] => [comment_count] => 0 [filter] => raw ) [10] => WP_Post Object ( [ID] => 31630 [post_author] => 91 [post_date] => 2023-12-21 09:00:00 [post_date_gmt] => 2023-12-21 15:00:00 [post_content] =>

As we reflect on the past year with our Partner Program, we have much to be thankful for. With a more than 30 percent year-over-year increase in partner-sourced revenue and almost double the number of partner-sourced opportunities, we know we wouldn’t be where we are today without such dedicated support from our partners around the world.

Today, we are pleased to announce the winners of our annual Partner of the Year awards. It was difficult to narrow our selection down to the following list, as so many of our partners are putting in the work to grow with us, and so many of them deserve this recognition. With that, these awards celebrate some of our most strategic and impactful partnerships over the past year. Honorees include:

US Partner of the Year: CompuNet 

CompuNet, an engineering-led IT company whose strength lies in a team of outcome-driven and relationship-focused professionals, was our New Partner of the Year recipient last year, and this year they lived up to the hype. With an impressive 77 percent win rate on all deals we worked on together through the year, stable pipeline growth in their second year with us, and a 47 percent growth in closed-won business year-over-year, CompuNet has been an exemplary partner in our program over the past year. We look forward to continued growth with CompuNet in 2024 and beyond!

NetSPI joined CompuNet for a sun-soaked day in Montana at their annual golf event.

EMEA Partner of the Year: Softcat

Softcat, a leading provider of technology solutions and services to both private and public companies in the UK and Ireland, has been named EMEA Partner of the Year for its immediate acceleration into a very active partner in our EMEA region! Softcat just joined the partner program in July but already they are opening doors and creating opportunity for our EMEA team to expand in key industries, especially the financial services industry. We look forward to continued growth and appreciate the hard work already invested in our partnership.

New Partner of the Year: Enduir

Enduir, a full-service incident response and recovery services firm, has been awarded New Partner of the Year for their impressive performance in their first year working with us. Enduir signed onto our program in the second half of 2024 and they are off to a great start with a 100 percent win rate on some impressive deals. We look forward to a bright future with Enduir as we work with them in leveraging their front-line incident response and recovery experience to bolster the cyber resilience of our mutual clients.

Tech Partner of the Year: ReliaQuest 

ReliaQuest, a force multiplier of security operations with over 700 customers worldwide, has been honored as Tech Partner of the Year as their innovative work in detection controls aligns well with our ability to ensure detections are firing properly via our Breach and Attack Simulation. As NetSPI continues to expand with ReliaQuest’s GreyMatter, we see an opportunity to deliver always-on testing and proactive security to our mutual customers. We look forward to our continued strategic partnership with ReliaQuest in our joint efforts to drive outcomes for many of the most trusted enterprise brands in the world.

ReliaQuest and Enduir recently provided thought leadership in our blog on detection and response. Check out their insights here:

Closing Thoughts as We Look Toward 2024 

To our partner community: we have enjoyed working with and getting to know so many of you over the past year, and we are well-positioned to charge forward together into an even stronger and more exciting year ahead.  

Together, over the past year, we have established trust with many of our new partners and we refuse to take this progress for granted. We secured a foundation for accelerated success as many of our partners are bringing us into more and more customer relationships. This will be key as we brace for another record-breaking year in our Partner Program.   

A special thank you and congratulations to CompuNet, Softcat, Enduir, and ReliaQuest for your inspiring work in our Partner Program this year, and congratulations on your well-deserved recognition!  

Interested in becoming a NetSPI partner? Learn more about joining our inner circle here.

Post: Celebrating Our Partners of the Year 2023 (https://www.netspi.com/?p=31630, last modified 2023-12-21)

Next post (published 2023-12-19):

It’s a question older than the internet—do we optimize our existing tech stack or invest in new technology? The debate is as fresh today as ever, especially with the saturation of solutions promising to simplify security stacks. NetSPI Partners bring a fresh perspective to the lofty goal of simplifying detection and response outcomes by weighing in on the long-term effects of complexity, discussing when to optimize versus invest in technology, and explaining how automation can ease workflows and enhance efficiency in detecting, investigating, and responding to threats. 

Meet the Contributors  

This roundup includes contributions from NetSPI Partners and Thomas Adams, NetSPI’s Product Manager, Breach and Attack Simulation. Partners include: 

1. In your experience, what are the top challenges SOC teams face with detection and response controls? 

“The top challenges I have seen SOC teams face with detection and response controls are defining strategy and increased complexity in their tech stacks. Without a clear strategy for detection and response controls, SOC teams will often suffer a negative feedback loop that leads to increased complexity in their tech stacks. This frequently leads to deploying numerous point solutions and patching them together to cover control gaps, only to eventually look at yet another tool that claims it will simplify your SOC operations.

A sound SOC detection and response control strategy should consider their organization's business aims and their organization's threat landscape. Using a threat intelligence informed approach tailored to your organization can help in selecting controls and solutions that will provide measurable improvements on mean times to detection and remediation (MTTD and MTTR).” 

Kris Kocinski, Enduir, Principal, Cloud Engineering

“I think one of the biggest challenges that SOC teams face is knowing what detections are missing and how they can increase the number of real alerts while not creating too many false positives. Every network and setup is unique and it takes real time investment to really make sure that the security stack you build is finely tuned for your stack and security policy.” 

Thomas Adams, Product Manager, Breach and Attack Simulation, NetSPI

“We see a need for unification and visibility for detection controls as the main challenges SOC teams must overcome. These teams have multiple point solutions (SIEM, EDR, NDR, IDS/IPS, etc.), all reporting various detections that need to be processed and worked on by a SOC team. They could have multiple detections in one platform that all relate to one event, or they may have one alert in numerous tools that all relate to one event, but the SOC team has no easy way of stitching or unifying these detections together without resorting to manual processes and subjective logic.

The same applies to response controls. Once confirmed, most cyber events will have multiple response and remediation steps spanning many tools or systems. SOC teams must manually interact with each disparate platform to take these response actions, slowing down containment and eradication times while increasing dwell/active threat times. To combat this, SOC teams should invest in a Security Operations platform that can integrate into their security control ecosystem and act as the detection and event unification system while offering robust, “single click” response plays across their technologies. This unified view will drastically speed up event identification, containment, eradication and reduce dwell/active threat times.” 

Jeff Music, ReliaQuest CISO

“Our customers’ SOC teams are seeing a high volume of alerts, coupled with false positives, which can put them at risk of decreased effectiveness in identifying and responding to real threats.

Every new technology, every new platform has its own set of logs and data formats. To add to the challenge, many of our customers operate in a hybrid infrastructure, and they are required to adapt their detection and response capabilities to an increasingly complex environment.

In the face of skills shortage our customers must ‘do more with less’ and run a gauntlet of evolving challenges including sophisticated attacks, advanced persistent threats (APTs), integration challenges, ineffective automation, compliance requirements, evolving data protection regulations, and insider threats.”  

Harsh Thanki, SecureLink Security Consultant

2. What are some indicators that a client can enhance their existing tech stack versus invest in new technology? 

“I believe that before you invest in expanding your tech stack you should have an audit of your current capabilities and carefully evaluate whether they are being used to their fullest potential and if it is possible to better configure and tune them to cover whatever gap has been identified.” 

Thomas Adams, Product Manager, Breach and Attack Simulation, NetSPI 

“When assessing whether to enhance an existing tech stack or invest in new technology, it's important to consider your current capabilities, before considering a new technology. Review your stack’s performance metrics and adaptability, and how you are trending on key performance indicators in your SOC.  

If the current stack exhibits inefficiencies in handling evolving threats, lacks adaptability, or hinders integration, enhancement is likely warranted. Enhancements could be exploring potential features you have yet to leverage in a solution, or automating a repetitive manual task in the stack. Conversely, if technological gaps persist in addressing specific threat vectors or compliance requirements, strategic investments in new technologies are warranted.” 

Kris Kocinski, Enduir, Principal, Cloud Engineering 

“Ultimately, the decision should be based on a thorough analysis of the organisation's specific situation, considering factors such as functionality, integration, cost, scalability, and the long-term business strategy.  

Our customers in a rapid-growth phase often come to us with challenges as they feel they have outgrown their tech stack. Solutions that once were effective might appear to have failed to scale with them, but in some cases optimization, performance tuning, and additional configurations are all they need to continue without being forced into additional tech stack purchases.  

We also see a lack of employee training and enablement where the customers’ current tech stack is under-utilised. Employee training must be part of the plan from day one to ensure they are getting the most out of their existing tech stack. We also advise our customers to gather feedback from key stakeholders, including end-users and IT staff, to understand pain points and areas where improvements are needed. This input can guide decisions on whether enhancements or new technology are more appropriate.” 

Harsh Thanki, SecureLink Security Consultant

3. What kind of problems start to present themselves when security stacks become too complex? 

“When security stacks become too complex, SOC teams become overwhelmed with basic management and maintenance of these platforms, rarely realize the full value of the different platform capabilities, and often experience a false sense of “security” based on the technology's promises versus real-world application and outcomes.  

SOC teams should continuously measure their cyber tools and program effectiveness to identify gaps in visibility, prevention, and detection. SOC leaders can use this data to gain insights into where controls may be missing and identify where systems or tools may be too complex for the outcomes they are driving toward achieving.”  

Jeff Music, ReliaQuest CISO

“The more complex your security tech stack gets, the more likely you are to have redundant or overlapping (even at times incompatible) features, a lack of visibility, muted agility, compliance challenges, and increased overhead. Complex security stacks can often require highly specialized skills for configuration, management, and optimization. If there is a shortage of skilled personnel or inadequate training programs, it can impede the effective operation of the security infrastructure. 

To address these issues, organizations should periodically review their security stack, streamline redundant tools, and seek solutions that provide a balance between effectiveness and simplicity. Regular assessments and adjustments are crucial to maintaining a robust, agile, and manageable cybersecurity posture.” 

Harsh Thanki, SecureLink Security Consultant 

“When security stacks become too complex, many of the other problems we see endemic to SOC job roles emerge, such as knowledge silos, resource constraints, burnout, and increased time and effort to onboard and train resources. As complexity increases, resources become constrained to owning different solutions or products in the stack. This often leads to knowledge silos across the SOC, as other day-to-day responsibilities and on-call reduce the ability to cross train resources on the sprawl of solutions.  

Additionally, this complexity makes it hard to onboard and train new resources, especially junior ones. Over time, these problems lead to burnout on the SOC team, which in turn will amplify these problems.” 

Kris Kocinski, Enduir, Principal, Cloud Engineering 

“When the security stack becomes too complex you start facing problems in multiple areas: training new analysts becomes tedious and lengthy, you have to start making decisions about what data is the most important or accurate, analysts start facing burnout, documentation and policy writing become challenging, and this can lead to a false sense of security for non-technical leadership.” 

Thomas Adams, Product Manager, Breach and Attack Simulation, NetSPI 

4. In your experience, how has automation played a role in simplifying security stacks? 

“Our customers who have successfully implemented automation within their security tech stacks are minimizing manual effort within several areas including incident response, threat intelligence, patch management, log correlation, user behaviour analytics (UBA), suspicious email quarantine, and policy enforcement. By incorporating automation into these aspects of cybersecurity, organizations can achieve faster response times, reduce the likelihood of human errors, and improve the overall effectiveness of their security stacks. This, in turn, contributes to simplifying security operations and adapting to the dynamic and evolving threat landscape.” 

Harsh Thanki, SecureLink Security Consultant 

“Automation plays a significant role in simplifying security stack outcomes. SOC teams are focused on detecting threat actors in their environment, conducting complete investigations of these events, and responding to them appropriately to ensure complete threat eradication.  

Automation allows SOC teams to leverage the full capability of their security stack at machine speed when detecting, investigating, and responding. Automation can remove manual tasks and processes from some, if not most, of the SOC lifecycle, dramatically reducing the time it takes to detect, investigate, and respond to a threat. When automation is successfully leveraged, SOC teams can experience efficiencies in Mean Time To Respond (MTTR) from days down to minutes.”  

Jeff Music, ReliaQuest CISO 

“I believe that the future security stack will be heavily invested in Artificial Intelligence and Machine Learning while maintaining a human in the loop. This model will allow analysis of multiple data sources at machine speed and output that information to a human analyst for decision making and validation.” 

Thomas Adams, Product Manager, Breach and Attack Simulation, NetSPI 

“Automation has played a key role in simplifying security stacks and SOC operations by alleviating resources from time-consuming manual tasks, unblocking resources from repetitive stack operations to focus on other key initiatives and tasks, and increasing consistency and confidence in SOC processes.  

Through the strategic deployment of automated workflows, routine processes such as incident detection, analysis, and response can be expedited with precision. The efficiencies gained from automation allow for more time to train your resources, reduce complexity in the tech stack, and help to reduce burnout by enabling your SOC team to operate more efficiently.” 

Kris Kocinski, Enduir, Principal, Cloud Engineering 

The balance between optimizing and investing will always be at play in the security industry. Automation can play a role in simplifying the detection, investigation, and response to threats, but really, it comes down to considering your current capabilities in light of your business goals and threat landscape before investing in new technology. 

This post was written in collaboration with NetSPI’s Partners. Learn more about becoming a NetSPI partner here.

Post: Invest vs. Optimize: Industry Leaders Weigh in on Simplifying Security Tech Stacks (https://www.netspi.com/?p=31620, last modified 2023-12-19)

Next post (published 2023-12-19):

NetSPI Chief Product Officer Vinay Anand was quoted in eSecurity Planet's 2024 cybersecurity trends roundup, predicting that comprehensive visibility into all assets and tight control over who can access them will remain a top challenge for security leaders. Read the preview below or view the full story online.

+++

As 2023 draws to an end and cybersecurity budgeting is nearly complete, it helps to consider the year’s events and try to predict next year’s trends. After receiving input from industry experts and doing my own analysis of the year’s driving forces, I identified five major cybersecurity trends. We each need to consider how these trends may affect our organizations and allocate our budgets and resources accordingly:

  • AI will turbo-charge cybersecurity and cyberthreats: Artificial intelligence (AI) will boost both attackers and defenders while causing governance issues and learning pains. Read more.
  • Cybercrime will go to the next level: Cyberattackers will implement improved skills, “shift left” attacks, and shifting strategies to adjust to evolving cyberdefense. Read more.
  • Attack surfaces will explode: Cyberdefense complexity will compound as API, cloud, edge, and OT resources add to the list of assets to defend. Read more.
  • Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. Read more.
  • 2023 cybersecurity issues will continue: Weak IT fundamentals, poor cybersecurity awareness, and ransomware will still cause problems and make headlines. Read more.
  • Bottom line: Prepare now based on risk. Read more.

--

Weak Security Foundations

Even as vendors and technologies race ahead to tackle next year’s threats, many organizations lag in basic cybersecurity fundamentals such as asset management, identity, access management, defense in depth, and cybersecurity awareness and training.

“Some of the foundational requirements for securing an organization will continue to challenge InfoSec leaders – primarily, establishing comprehensive visibility into all assets and tight control over who can access them and with what level of privileges,” acknowledges Vinay Anand, Chief Product Officer of NetSPI.

--

You can read the full article at https://www.esecurityplanet.com/trends/cybersecurity-trends/#3-attack-surfaces-will-explode.

Post: eSecurity Planet: 5 Major Cybersecurity Trends to Know for 2024 (https://www.netspi.com/?p=31631, last modified 2023-12-20)

Next post (published 2023-12-11):

Hear from NetSPI CEO Aaron Shilts as he discusses advancing offensive security, innovating post $410 million funding and tackling AI cyber threats on #NYSEFloorTalk with Judy Khan Shaw.

+++

https://www.youtube.com/watch?v=GNYtEmGNNN8
Post: NYSE Floor Talk: NetSPI CEO Aaron Shilts discusses advancing offensive security and tackling AI cyber threats (https://www.netspi.com/?p=31616, last modified 2023-12-15)

Next post (published 2023-12-06):

NetSPI's partnership with Chubb was featured in Insurance Business Magazine. Read the preview below or view it online.

+++

Chubb has partnered with cybersecurity company NetSPI to provide advanced attack surface management and penetration testing solutions.

Through this partnership, policyholders in Canada and the US gain access to NetSPI’s array of proactive solutions, including Breach and Attack Simulation (BAS), Attack Surface Management (ASM), and its penetration testing services.

NetSPI’s solutions are flexible and can cater to businesses of any size across various sectors, according to a news release from Chubb.

“This collaboration with NetSPI provides clients with peace of mind, enabling them to identify vulnerabilities, security issues, and exposure to risk before it escalates into a claim,” said Craig Guiliano, vice president of cybersecurity threat intelligence. “This value-added solution is part of Chubb's efforts to proactively identify cyber exposures that are difficult to detect using common scanning tools and to strengthen our policyholders' security posture more broadly.”

You can read the full article at https://www.insurancebusinessmag.com/us/news/cyber/chubb-enhances-cyber-solutions-through-new-partnership-469088.aspx

Post: Insurance Business Magazine: Chubb enhances cyber solutions through new partnership (https://www.netspi.com/?p=31609, last modified 2023-12-15)

Next post (published 2023-12-06):

NetSPI's partnership with Chubb was featured in Reinsurance News. Read the preview below or view it online.

+++

Property and casualty insurance company Chubb has announced the launch of its cyber protection partnership with NetSPI, a cybersecurity specialist.

NetSPI is an expert in proactive security, aiming to strengthen its clients’ cyber-risk profile via enhanced attack surface management and penetration testing solutions.

Through this collaboration, Chubb policyholders in the US and Canada will be able to use NetSPI’s full portfolio of proactive security solutions, including Breach and Attack Simulation (BAS), Attack Surface Management (ASM).

...

You can read the full article at https://www.reinsurancene.ws/chubb-enhances-cyber-offering-with-netspi-partnership/.

Post: Reinsurance News: Chubb enhances cyber offering with NetSPI partnership (https://www.netspi.com/?p=31615, last modified 2023-12-18)

Next post (published 2023-12-05):

NetSPI's cyber protection partnership with Chubb was reported on by Seeking Alpha. Read the preview below or view the article online.

+++

  • Property & casualty insurance firm Chubb (NYSE:CB) Tuesday announced a collaboration with cybersecurity company NetSPI to strengthen clients' cyber-risk profile via enhanced attack surface management and penetration testing solutions.
  • Chubb policyholders in the U.S. and Canada can take advantage of NetSPI's portfolio of proactive security solutions and its suite of comprehensive penetration testing offerings at preferred pricing, the company added.
  • As part of this collaboration, select Chubb clients would be eligible to access NetSPI's Attack Surface Management platform at no cost.

You can read the full article at https://seekingalpha.com/news/4043421-chubb-and-netspi-launch-cyber-protection-partnership

Post: Seeking Alpha: Chubb and NetSPI launch cyber protection partnership (https://www.netspi.com/?p=31607, last modified 2023-12-15)

Next post (published 2023-12-05):
Chubb leverages NetSPI’s technology to help policyholders go on the offensive against cyber threats.

WHITEHOUSE STATION, N.J. – December 5, 2023 – Chubb, the world's largest publicly traded property & casualty insurance company, has announced an innovative collaboration with NetSPI, a global leader in proactive security, to strengthen clients’ cyber-risk profile via enhanced attack surface management and penetration testing solutions.  

Chubb policyholders in the U.S. and Canada can take advantage of NetSPI’s full portfolio of proactive security solutions, including Breach and Attack Simulation (BAS), Attack Surface Management (ASM), and a suite of comprehensive penetration testing offerings, at preferred pricing, subject to applicable insurance laws. NetSPI’s suite of solutions can be tailored to support any size business across all industries. 

“This collaboration with NetSPI provides clients with peace of mind, enabling them to identify vulnerabilities, security issues, and exposure to risk before it escalates into a claim,” said Craig Guiliano, Vice President of Cybersecurity Threat Intelligence at Chubb. “This value-added solution is part of Chubb’s efforts to proactively identify cyber exposures that are difficult to detect using common scanning tools and to more broadly strengthen our policyholders’ security posture.” 

“We're thrilled to empower Chubb clients to proactively confront cyber threats,” said Aaron Shilts, President and CEO of NetSPI. “Too often we see companies forced to react after incurring losses from cyberattacks that can severely impact their finances and reputation. Chubb understands the value of ensuring clients enhance their security apparatus and minimize their susceptibility to risk.” 

Through this partnership, Chubb policyholders gain access to NetSPI’s industry-leading proactive security technology and expertise, helping them keep pace with an ever-evolving risk environment. 

As part of this collaboration, select Chubb clients are eligible to access NetSPI's Attack Surface Management (ASM) platform at no cost. This solution continuously evaluates client attack surfaces for exposures and vulnerabilities. NetSPI applies its penetration testing expertise to decrease the probability and impact of a costly cyberattack, provide actionable insights for attack surface reduction, and decrease false positives to help teams prioritize remediation.  

Chubb has offered insurance coverage for data breaches, network security, and other cyber risks for over 20 years. With these new policyholder offerings, Chubb Cyber Insurance further provides more value-added benefits at a time when organizations are playing defense against the threats of data breaches, business interruption and reputational risk following a cyber incident. 

Chubb policyholders interested in learning more about NetSPI’s offerings and rates can submit a request via the Chubb Cyber Services page here. For further information about Chubb Cyber Insurance, please visit here.

About Chubb

Chubb is the world's largest publicly traded property and casualty insurance company. With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company, we assess, assume and manage risk with insight and discipline. We service and pay our claims fairly and promptly. The company is also defined by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength and local operations globally. Parent company Chubb Limited is listed on the New York Stock Exchange (NYSE: CB) and is a component of the S&P 500 index. Chubb maintains executive offices in Zurich, New York, London, Paris and other locations, and employs approximately 40,000 people worldwide. Additional information can be found at: www.chubb.com

Chubb Insurance Company of Canada has offices in Toronto, Calgary, Montreal and Vancouver and provides its products and services through licensed insurance brokers across Canada. For additional information, visit: chubb.com/ca.

About NetSPI

NetSPI is the global leader in proactive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts secure the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India.

Media Contacts: 
Ben Tanner, Chubb
ben.tanner@chubb.com
(212) 827-4454

Tori Norris, NetSPI 
victoria.norris@netspi.com
(630) 258-0277  

Jessica Bettencourt, Inkhouse for NetSPI 
netspi@inkhouse.com
(774) 451-5142

Post: Chubb and NetSPI Launch Cyber Protection Partnership (https://www.netspi.com/?p=31567, last modified 2023-12-04)

Next post (published 2023-11-17):

NetSPI CEO Aaron Shilts and VP of Strategic Advisory Florindo Gallicchio share why employers should hire veterans. On Veterans Day, they spoke with SHRM about the transferable skills between the military and cybersecurity and shared tips for job-seeking veterans. Read the preview below or view the article online.

+++

Veterans put everything on the line to serve their country. Many do it with the hope of gaining skills needed for their future careers, and they believe that having military service on their resume will help them land a good job. 

However, this isn't the reality for many veterans in the U.S. According to a study from the Pew Research Center, only 1 in 4 veterans report having a civilian job lined up for after they leave the military. Each year, nearly 200,000 veterans are on the lookout for jobs, but not all are successful. And while some do find jobs, often, they are not working in careers that match the skills they learned during their time of duty. 

--

Florindo Gallicchio, vice president of strategic advisory at NetSPI, said he's found that "veterans are loyal, disciplined and dedicated to the success of their company—this comes from their focus on a mission during active duty. They're also self-starters who can take minimal direction and run a project through to completion." 

--

Across the board, it's critical for HR and hiring managers to learn about veterans' needs, as well as figure out how their military skills could apply in the workplace.

"Traditionally, veterans who are separating from their active-duty roles and transitioning to civilian roles don't receive the most up-to-date information needed to look for and apply for jobs effectively," said Aaron Shilts, CEO of NetSPI and a veteran of the Army National Guard. "Employers can help with this by not immediately overlooking resumes that cross their desks that were written with military terminology. Employers and hiring managers should dig deeper to understand the transferable skills veterans possess."

Read the full article: https://www.shrm.org/resourcesandtools/hr-topics/employee-relations/pages/helping-veterans-find-career-success.aspx

Post: SHRM: Helping Veterans Find Career Success
Excerpt: NetSPI CEO Aaron Shilts and VP of Strategic Advisory Florindo Gallicchio share why employers should hire veterans in the workplace.
Permalink: https://www.netspi.com/?p=31604 (last modified 2023-12-15 16:34:24)

Next post (ID 31602), published 2023-11-09 09:00:00:

NetSPI's EVP of Strategy Tim MalcomVetter comments on the White House Executive Order for AI in Solutions Review. Read the preview below or view the article online.

+++

The editors at Solutions Review have compiled a collection of quotes and insights from industry experts on the recent Executive Order President Joe Biden made on AI.

On October 30th, 2023, President Joe Biden and the White House made an Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. As you can expect, there was a lot of discussion around the Executive Order, what it might mean for AI regulation, and how it will affect the trends involved in governing, developing, and using AI in enterprises across industries.

With that in mind, the Solutions Review editorial team compiled some commentary from industry experts worldwide, who shared their thoughts on the Executive Order and how it will change AI’s role in business.

“There has never been faster adoption of any technology than what we’ve seen with Generative AI, ML, and LLMs over the past year. A prime example of such rapid adoption and disruption is the public letter by Satya Nadella, CEO of Microsoft, where it was announced that all Microsoft products are or soon will be co-pilot enabled—this is just the starting point.

“The most recent AI Executive Order demonstrates the Biden administration wants to get ahead of this very disruptive technology for its use in the public sector and desires to protect the private sector by requiring all major technology players with widespread AI implementations to perform adversarial ML testing. The order also mandates NIST to define AI testing requirements, which is critical because no one can yet say with confidence that we, as a tech industry, exhaustively know all the ways these new AI implementations can be abused.” - Tim MalcomVetter, Executive Vice President of Strategy at NetSPI

Read the full article: https://solutionsreview.com/business-process-management/industry-experts-quotes-on-the-united-states-executive-order-on-ai/

Post: Solutions Review: Industry Experts Quotes on the United States’ Executive Order on AI
Excerpt: NetSPI's EVP of Strategy Tim MalcomVetter comments on the White House Executive Order for AI in Solutions Review.
Permalink: https://www.netspi.com/?p=31602 (last modified 2023-12-15 16:30:35)

Next post (ID 31597), published 2023-11-02 09:00:00:

NetSPI's Tim MalcomVetter comments on the White House executive order on Artificial Intelligence for insideBIGDATA's newsletter. Read the preview below or view it online.

+++

Welcome to insideBIGDATA’s “Heard on the Street” round-up column! In this regular feature, we highlight thought-leadership commentaries from members of the big data ecosystem. Each edition covers the trends of the day with compelling perspectives that can provide important insights to give you a competitive advantage in the marketplace. We invite submissions with a focus on our favored technology topics areas: big data, data science, machine learning, AI and deep learning. Enjoy!

“The most recent AI Executive Order demonstrates the Biden administration wants to get ahead of this very disruptive technology for its use in the public sector and desires to protect the private sector by requiring all major technology players with widespread AI implementations to perform adversarial ML testing. The order also mandates NIST to define AI testing requirements, which is critical because no one can yet say with confidence that we, as a tech industry, exhaustively know all the ways these new AI implementations can be abused.” – Tim MalcomVetter, Executive Vice President, Strategy, NetSPI

Read the full roundup: https://insidebigdata.com/2023/11/02/heard-on-the-street-11-2-2023/

Post: insideBIGDATA: Heard on the Street – 11/2/2023
Excerpt: NetSPI's Tim MalcomVetter comments on the White House executive order on Artificial Intelligence for insideBIGDATA's newsletter.
Permalink: https://www.netspi.com/?p=31597 (last modified 2023-12-15 16:22:16)

Next post (ID 31599), published 2023-11-02 09:00:00:

Nabil Hannan, NetSPI Field CISO, was interviewed by ITPro Today regarding the key traits of effective CISOs. Read the preview below or view the article online.

+++

Cybersecurity professionals often have highly demanding roles in an organization. They are required to possess the necessary technical skills for managing the security infrastructure across the entire organization, while also maintaining a proactive mindset for continually evolving the security strategy. Unfortunately, due to the large responsibility they bear, they can become easy targets for blame when security incidents occur. Nevertheless, despite the stress, cybersecurity jobs remain attractive to candidates.

The position of the chief information security officer (CISO) stands out as one of the most influential and well-paying roles within an organization, attracting a diversity of talent. While strong technical skills are key, CISOs must also exhibit resilience, unwavering focus, and a strong commitment to transparency.

Interestingly, candidates with nontraditional backgrounds offer unique benefits to the cybersecurity field, specifically CISO roles. “I’ve found that individuals that have faced adversity in their life tend to make better CISOs,” noted Amit Anand, senior analyst at the Everest Group. “The challenges they have had to face tend to make them more adaptable and better at communication and collaboration.”

ITPro Today spoke with CISOs and CEOs from a variety of organizations to determine traits that either nurture or hinder a CISO’s success. 

--

“Most CISO job descriptions focus on applicants with technical acumen but often fail to include the soft skills needed (i.e., communication, critical thinking, and leadership). For example, an essential component of the CISO role is understanding how an organization makes money and brings value to its customers. Often, threat actors will approach attacks based on where the money is. As a result, CISOs require soft skills to better make the connection between how cybersecurity fits into an organization’s broader financial picture.” - Nabil Hannan, Field CISO at NetSPI

Read the full article: https://www.itprotoday.com/compliance-and-risk-management/do-you-have-what-it-takes-be-ciso-take-personality-quiz

Post: ITPro Today: Do You Have What It Takes to Be a CISO? Take the Personality Quiz
Excerpt: Nabil Hannan, NetSPI Field CISO, was interviewed by ITPro Today regarding the key traits of effective CISOs.
Permalink: https://www.netspi.com/?p=31599 (last modified 2023-12-15 16:26:45)

Next post (ID 31399), published 2023-10-31 09:44:29:

October might be the spookiest time of the year, but for cybersecurity practitioners in the trenches, vulnerabilities can cause quite a scare year-round.

What’s most frightening is that many data breaches today happen because of well-known attack paths using simple tactics, as opposed to highly-skilled threat actors using advanced methods to gain entry to systems. A prime example of this is the recent vishing attack that caused massive disruption at casino chain MGM Resorts, as well as the City of Fort Lauderdale falling victim to a $1.2 million scam during a phishing attack. These simple, yet successful, breach attempts happen every day, and if organizations aren’t adequately prepared, they can face scary repercussions.

It’s time to go back to the basics, and revisit the most common vulnerabilities across attack surfaces according to NetSPI’s 2023 Offensive Security Vision Report. When bolstering your organization’s security strategy, it can be helpful to review resources like our annual report as well as the OWASP API Security Top 10 to ensure the fundamentals are covered.

Here are the six spookiest vulnerabilities of 2023 and tips for their remediation. For a more comprehensive look at the most common vulnerabilities, access NetSPI’s 2023 Offensive Security Vision Report.

First Things First: Understanding the Most Common Attack Surfaces

In our report, NetSPI analyzed over 300,000 anonymized findings from thousands of pentest engagements spanning more than 240,000 hours of testing. Initially, we pulled the top 30 most prevalent vulnerabilities from our six core focus areas, or attack surfaces, from Resolve™, NetSPI’s penetration testing as a service (PTaaS) platform. The attack surfaces we analyzed are as follows:

  • Web applications
  • Mobile applications
  • Thick applications
  • Cloud
  • External network
  • Internal network

Next Up: Cover Your Bases Against 2023’s Top Vulnerabilities 

1. Web Applications: Authorization Bypass – Missing Function Level Access Controls (MFLAC)

If an MFLAC vulnerability exists, the application does not perform adequate access control checks, and unauthorized users can perform actions outside their intended scope of permissions. This can result in the access, modification, or deletion of data within the system. In the most severe instances, it may be used for privilege escalation. It is extremely prevalent in web applications, and it can be difficult to identify every instance. Given how severe it can be, it will be one of the likeliest attack paths to theft of data in a system.

Remediation Tip

“Fine-grained access controls should be implemented to properly attribute authorization of records/objects as well as functions to the individually authenticated and authorized user.”

Paul Ryan, Director, Application Pentesting

2. Mobile Applications: Authorization Bypasses – Insecure Direct Object References (IDOR) and Missing Function Level Access Controls (MFLAC)

Mobile applications can be susceptible to IDOR and MFLAC vulnerabilities in the same way as web applications. IDOR vulnerabilities are privilege escalation flaws that allow one user to access another user’s data. Many mobile applications receive less scrutiny on their server-side APIs because there is greater technical complexity involved in performing these reviews.

3. Thick Applications: Client-Side Controls

The server-side component of the application does not examine the data it receives from the client to validate that it is safe and correct. This vulnerability allows the client to perform unauthorized actions.

Thick, mobile, and embedded applications are more susceptible to this vulnerability than other kinds of applications because developers often do not consider the client to be untrusted.

Remediation Tip  

“Ensure all client → server calls are checked for proper authorization on the server. Additionally, perform server-side input validation on the client → server call to ensure a malicious client cannot access functionality they aren’t intended to access.”

Andre Joseph, Director, Thick Client Pentesting
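Findings 1 to 3 share one root cause: the server trusts what the client sends (a record identifier, a role flag) instead of deciding authorization from its own session state. The following is an added example, not NetSPI's code, with constructed users, invoices, and handler names; it shows the vulnerable handlers beside hardened ones that enforce both object-level (IDOR) and function-level (MFLAC) checks on the server.

```python
"""Added example (not NetSPI's code): server-side object-level (IDOR) and
function-level (MFLAC) authorization for a constructed invoice API."""
from dataclasses import dataclass
from functools import wraps
from typing import Callable, Dict, FrozenSet

class Forbidden(Exception):
    """Authenticated, but not allowed to call this function."""

class NotFound(Exception):
    """No record the caller is allowed to see."""

@dataclass(frozen=True)
class User:
    # Identity and roles come from the server-side session, never from the
    # request body; a client-sent "is_admin" flag is a client-side control.
    user_id: int
    roles: FrozenSet[str]

@dataclass
class Invoice:
    invoice_id: int
    owner_id: int
    amount: float

def sample_invoices() -> Dict[int, Invoice]:
    """Constructed data: one invoice each for customers 1 and 2."""
    return {101: Invoice(101, owner_id=1, amount=250.0),
            102: Invoice(102, owner_id=2, amount=999.0)}

def get_invoice_vulnerable(store: Dict[int, Invoice], invoice_id: int) -> Invoice:
    """IDOR: lookup by id alone, so any user can read any customer's invoice."""
    if invoice_id not in store:
        raise NotFound(invoice_id)
    return store[invoice_id]

def delete_invoice_vulnerable(store: Dict[int, Invoice], request: dict) -> bool:
    """MFLAC through a client-side control: the privilege decision rests on an
    'is_admin' field that the client itself supplies."""
    if not request.get("is_admin", False):
        raise Forbidden("admin only")
    store.pop(request["invoice_id"], None)
    return True

def require_role(role: str) -> Callable:
    """Function-level control: run the handler only if the session user holds
    `role`; nothing in the request can influence this decision."""
    def decorator(handler: Callable) -> Callable:
        @wraps(handler)
        def wrapper(store: Dict[int, Invoice], user: User, *args, **kwargs):
            if role not in user.roles:
                raise Forbidden(f"{handler.__name__} requires {role!r}")
            return handler(store, user, *args, **kwargs)
        return wrapper
    return decorator

def get_invoice(store: Dict[int, Invoice], user: User, invoice_id: int) -> Invoice:
    """Object-level control: the record must belong to the caller (admins may
    read any). Missing and foreign records raise the same NotFound, so the
    response never confirms that another customer's id exists."""
    invoice = store.get(invoice_id)
    if invoice is None or (invoice.owner_id != user.user_id
                           and "admin" not in user.roles):
        raise NotFound(invoice_id)
    return invoice

@require_role("admin")
def delete_invoice(store: Dict[int, Invoice], user: User, invoice_id: int) -> bool:
    """Role gate first (decorator), then the object check on the target."""
    get_invoice(store, user, invoice_id)
    del store[invoice_id]
    return True

def demo() -> Dict[str, bool]:
    """Replay the same cross-tenant requests against both versions."""
    alice = User(user_id=1, roles=frozenset({"customer"}))
    admin = User(user_id=99, roles=frozenset({"admin"}))
    out: Dict[str, bool] = {}
    store = sample_invoices()
    out["vuln_idor_leaks"] = get_invoice_vulnerable(store, 102).owner_id == 2
    out["vuln_mflac_deletes"] = delete_invoice_vulnerable(
        store, {"invoice_id": 102, "is_admin": True})  # client claims admin
    store = sample_invoices()
    try:
        get_invoice(store, alice, 102)
        out["hard_idor_blocked"] = False
    except NotFound:
        out["hard_idor_blocked"] = True
    try:
        delete_invoice(store, alice, 102)
        out["hard_mflac_blocked"] = False
    except Forbidden:
        out["hard_mflac_blocked"] = True
    out["own_record_readable"] = get_invoice(store, alice, 101).invoice_id == 101
    out["admin_can_delete"] = delete_invoice(store, admin, 102) and 102 not in store
    return out
```

In a real HTTP layer the same pattern applies: derive `user` from the authenticated session, and make every handler that touches a record call the object-level check before acting on it.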

4. Cloud: Publicly Available Resources Hosting Sensitive Data

A publicly available cloud resource allows public, anonymous access. This can apply to cloud services like storage or to IP addresses assigned to virtual machines. Inadvertent public/anonymous access can lead to the exposure of sensitive data. In addition, this access could also potentially lead to privilege escalation vectors into the cloud environment.

Remediation Tip  

“Ensure that all cloud services are restricted to internal, authenticated access if public access is not required. Employ a layered security approach that uses both individual service configuration settings and organization-wide policies as an additional guardrail.”

Thomas Elling, Director, Cloud Pentesting

5. External Network: Publicly Available Resources Hosting Sensitive Data

Sensitive information such as credentials, API keys, and internal domain information can inadvertently be exposed in publicly accessible places such as online source code repositories, cloud storage platforms, and public paste sites. Attackers may discover publicly accessible information and use it against the organization’s employees and infrastructure. Credentials or API keys, for example, may allow an attacker to gain unauthorized access to an organization’s systems or cloud services, while internal organizational details might be used to build effective pretext scenarios for targeted social engineering attacks.

Remediation Tip

“Ensure that effective policies, procedures, and monitoring solutions are established to safeguard the flow of organizational information to external locations. Review commonly targeted sources of information such as GitHub and Pastebin on a regular basis to identify and remove any sensitive information that may have been inadvertently disclosed.”

Ryan Krause, Principal Consultant, External Network Pentesting 

6. Internal Network: Network Protocol Attacks

This vulnerability category includes most of the top network protocols that we frequently target to gain an initial foothold on an internal network. Most of these protocols are enabled by default and may be unknown or unused by the client organization. Exploitation of these common protocols could allow an attacker to gain a man-in-the-middle position with unsuspecting users. This could lead to credential or sensitive data exposure, a foothold on the domain, and privilege escalation.

Remediation Tip  

“Remove support for commonly exploited protocols if they are not being utilized for a business purpose internally. For example, we frequently identify unutilized LLMNR and NBNS protocols unknowingly exposed on internal Windows networks, and disabling them through Group Policy could completely remove these attack vectors.”

Josh Weber, Director, Internal Network Pentesting

As cybersecurity programs continue to mature, going back to the basics will always be an essential first step to successful security planning – helping to avoid frightening scares down the line. Download NetSPI’s 2023 Offensive Security Vision Report today for more on these common vulnerabilities, our top remediation tips, and how to bolster your security posture with offensive security measures.  

Post: 6 of the Spookiest Vulnerabilities from 2023
Excerpt: Watch out for these six common vulnerabilities across attack surfaces based on NetSPI’s 2023 Offensive Security Vision Report.
Permalink: https://www.netspi.com/?p=31399 (last modified 2023-10-31 14:00:37)

Next post (ID 31367), published 2023-10-27 08:44:01:

And the winner is… BAS! 

Since the launch of our Breach and Attack Simulation (BAS) enhancements in 2022, we’ve helped companies spanning all sizes and sectors improve their threat detection capabilities and move away from a ‘secure by default’ mindset that has proven ineffective against the evolving and complex threat landscape. In fact, after implementing BAS, one NetSPI client saw a 500 percent detection coverage increase YoY!

And the results go well beyond client testimonials, as NetSPI’s BAS offering has been recognized by two of the industry's most prominent awards in 2023. NetSPI has been named:  

  1. "Breach and Attack Simulation Solution of the Year" by the CyberSecurity Breakthrough Awards, and
  2. "Cutting Edge Breach & Attack Simulation" by Cyber Defense Magazine’s (CDM) Top InfoSec Innovators Awards

Cyber Defense Magazine’s Editor, Yan Ross, commented on NetSPI’s BAS solution saying, “We scoured the globe looking for cybersecurity innovators that could make a huge difference and potentially help turn the tide against the exponential growth in cyber-crime. NetSPI is worthy of being named a winner in these coveted awards and consideration for deployment in your environment.” 

Both recognitions signify the importance and longevity of BAS, especially during a period of heightened cyber attacks and resource-constrained security teams. These awards further prove the value of in-depth detective control validation and the impact continuous testing can have on the industry's future. 

Why Breach and Attack Simulation? 

With NetSPI data showing only 20% of common attack behaviors being caught by Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Managed Security Service Provider (MSSP) out-of-the-box solutions, security teams need a way to continuously simulate and track real attack behavior. BAS solves this ongoing problem and has become a powerhouse solution and critical component to any tech stack – allowing organizations to extend their security controls and better detect attacks across the kill chain.  

BAS works by combining the AttackSim cloud-native technology platform with hands-on counsel from our expert penetration testing team to deliver a continuous 360-degree view of an organization's detective controls tested against real-world attack Tactics, Techniques, and Procedures (TTPs).

Product Pulse: Live Demo of Breach and Attack Simulation (BAS)

Learn more about NetSPI’s Breach and Attack Simulation solution or schedule time to connect with us for a one-on-one discussion on validating your detective control efficacy.

Post: NetSPI Wins Big with Breach and Attack Simulation
Excerpt: NetSPI takes home two awards recognizing its Breach and Attack Simulation (BAS) solution as cutting-edge technology.
Permalink: https://www.netspi.com/?p=31367 (last modified 2023-10-27 08:44:40)

Next post (ID 31326), published 2023-10-24 09:00:17:

Don’t be afraid of social engineering attacks this Cybersecurity Awareness Month! Use the four tactics in this article to defend against them. 

This year marks the 20th anniversary of Cybersecurity Awareness Month, a collaborative effort between government and businesses to raise awareness about digital security and empower both organizations and individuals to protect their online data from cybercriminals.  

NetSPI is proud to be recognized among industry peers as a Cybersecurity Awareness Month Champion Organization. As a leader in offensive security, we’re committed to partnering with our peers to collectively advance security. Technology has a significant impact on addressing cybersecurity challenges. However, people are an essential part of keeping personal and business data secure. By working together, we can make strides toward stronger systems and safer data as a whole. 

Security education and awareness have come a long way since the first Cybersecurity Awareness Month 20 years ago. But the mission never ends. More effort is needed to protect expanding attack surfaces against increasingly sophisticated threat actors. The theme for 2023’s Cybersecurity Awareness Month is “Secure Our World,” focusing on ways individuals and businesses can protect against online threats. 

In the spirit of this year’s theme, we created a parody of the Monster Mash to share social engineering prevention tips far and wide. Enjoy the video and share with your teams for a nudge toward improved security this October and year-round!

https://youtu.be/weWB8iWfUWg?si=SuRAUEVxg4opB8Ly

Read on to learn the importance of these social engineering prevention tips, and how you can keep your business and customer data more secure. 

Use Strong Passwords and a Password Manager 

In 2022, threat actors leaked more than 721 million passwords. Among the passwords exposed, 72 percent of users were found to be still using already-compromised passwords. 

As threat actors identify new ways to expose more passwords, using unique passwords is essential to protecting business and personal data.  

Some best practices for strong passwords include:

  • Using unique passwords for each online account or platform 
  • Updating passwords as soon as you’re notified of a breach  
  • Creating long passwords (typically longer than 12 characters) 
  • Ensuring passwords are complex by using a combination of lowercase and capital letters, numbers, and special characters  
  • Avoiding personal identifiable information in passwords, such as birth dates, your address, pet names, family member names, or your company name 

To secure your passwords further, use a password manager, which helps users create, save, manage, and use passwords across different online services and accounts. Passwords are stored in an encrypted database to ensure protection. Once a user is logged into the password manager, credentials can be retrieved, so unique passwords don’t need to be remembered for each individual account. Using a password manager goes a long way toward removing the friction that can deter people from proper password hygiene.

Turn on Multifactor Authentication

Even strong, secure passwords can be exposed by attackers. Leveraging multifactor authentication (MFA) can prevent exposed passwords from being used. MFA is a multi-step process that requires users to enter more information than simply a password to log into an account.  

Some platforms or services require MFA while others include it as an option for user accounts. Taking a few extra seconds to complete MFA can significantly enhance security.

Some examples of multifactor authentication include:

  • Security questions to verify a user’s identity 
  • Codes sent to a user’s phone number or email address  
  • Fingerprint verification on mobile devices  

NetSPI’s Social Engineering Lead, Patrick Sayler, underscored the importance of multifactor authentication in today’s threat environment: 

“Multifactor authentication is an absolute requirement if you’re exposing services to the internet. It may not prevent modern adversary-in-the-middle phishing campaigns, which can intercept both the time-based token value and resulting user session, but it still acts as an excellent first line of defense against password-spraying and basic phishing attacks. 

However, MFA fatigue is a legitimate concern and has resulted in initial access during our external network tests on numerous occasions. Most corporate multifactor solutions now offer number matching to prevent users from accidentally accepting a rogue authentication request. Enabling this feature requires a user to enter a specific number in their MFA mobile app, which prevents them from accidentally accepting a rogue incoming push notification.”

Recognize and Report Phishing

Social engineering, which refers to when threat actors attempt to trick employees into exposing sensitive information, is on the rise. In fact, 98 percent of cyber attacks involve some form of social engineering.  

Some of the most common types of social engineering include vishing (phone), phishing (email), and smishing (text).  

As an example, a vishing attack recently took down several of casino chain MGM Resorts’ systems, including hotel room keys and slot machines, for a few days. The threat actors responsible for the attack leveraged vishing through MGM’s help desk to gain access to the network. They found an employee’s information on LinkedIn, pretended to be them in a call to MGM’s IT help desk, and obtained credentials to access and infect the systems. 

This attack underscores the importance of recognizing and reporting vishing, phishing, and other similar social engineering attacks.  

Sayler shared, “For the help desk, having a set workflow of interactions, policies, and requirements, and sticking to them, will greatly reduce an attacker's chance of success. Whenever I call and they start to push back, I end it and try to get a different agent on the phone. If they push back too, then that's a good indicator that the department has been effectively trained and likely won't deviate from the proper procedure. There's only so much that you can do if everyone follows an established process and isn't willing to budge." 

Steps businesses can take to recognize, report, and prevent phishing and related social engineering attacks include:

  • Train all employees on security best practices and processes from the top down – including C-suite employees – rather than only educating new team members on procedures 
  • Create and implement a standardized playbook for employees to use when faced with a malicious form of communication 
  • Leverage email security technologies but don’t rely on them as your only line of defense 
  • Screen all incoming calls, text messages, and emails for malicious behavior 
  • Test your framework by engaging penetration testing services to perform common social engineering attack methods within your organization 

Update Software

Many individuals make the mistake of falling behind on software updates for their personal or business systems. Some factors that contribute to this include users being unaware that updates or patches are available, or receiving an update notification while they’re in the middle of a task and pushing the update off to a later date.

According to NetSPI’s Offensive Security Vision Report, software versions with known vulnerabilities can be an easy target for malicious actors and have a significant impact on personal or business security. Our analysis of more than 300,000 anonymized findings from thousands of pentest engagements showed that Vulnerable Software and OS Versions (Missing Critical Patches) is a top vulnerability for both external networks and the cloud. 

New exploits are released on a regular basis by security researchers (as well as threat actors), and if left unpatched, outdated software can quickly become an entry point into the organization. 

Some tips to ensure you update software to the latest, most secure versions include:

  • Enable automatic updates so you don’t need to monitor for the latest patches and enhancements on your own 
  • Update software when prompted, even if this means pausing your work for a few minutes to restart your devices  
  • Be aware of red flags for phishing, such as pop-up windows in your browser prompting you to urgently update software

Enhance Offensive Security with NetSPI

While Cybersecurity Awareness Month takes place once a year, an ongoing commitment to enhanced security will help us all move the needle. To strengthen your company’s social engineering prevention, NetSPI’s social engineering testing can help validate and improve your procedural security controls and employee training.  

Learn more about NetSPI’s social engineering services or schedule a demo to speak directly with a member of our team.

Post: How To Protect Businesses from Social Engineering Attacks this Cybersecurity Awareness Month and Beyond
Excerpt: In celebration of Cybersecurity Awareness Month, these four tips will help businesses stay secure by protecting against social engineering attacks.
Permalink: https://www.netspi.com/?p=31326 (last modified 2023-10-24 09:04:24)

Next post (ID 31594), published 2023-10-20 09:00:00:

NetSPI's social engineering penetration testing enhancements were highlighted in Help Net Security. Read the preview below or view it online.

+++

NetSPI unveiled enhancements to its social engineering penetration testing solutions to help organizations build resilience to modern-day phishing attacks. The updates bring a customized, contextual approach to social engineering testing and go beyond basic phishing campaigns to simulate advanced techniques such as device code and OAuth application phishing and capturing multi-factor authentication tokens.

NetSPI has identified opportunities to update its processes and tooling to create efficiencies, cost savings, and scalability. The phishing tests follow NetSPI’s platform-driven, human-delivered methodology, leveraging a combination of technology and manual testing to customize engagements and more accurately simulate adversaries based on business context.

All tests are managed and delivered in NetSPI’s Pentesting as a Service (PTaaS) platform, to provide a streamlined program management experience.

You can read the full article at https://www.helpnetsecurity.com/2023/10/20/netspi-social-engineering-penetration-testing/!

Post: Help Net Security: NetSPI boosts phishing resilience with enhanced social engineering penetration testing
Excerpt: NetSPI's social engineering penetration testing enhancements were highlighted in Help Net Security.
URL: https://www.netspi.com/?p=31594 (last modified 2023-12-15)

Next post, published 2023-10-19:
Latest updates from offensive security leader address how organizations can better protect themselves against the sophisticated techniques behind modern-day phishing attacks.

Minneapolis, MN – October 19, 2023 – NetSPI, the global leader in offensive security, today announced enhancements to its social engineering penetration testing solutions to help organizations build resilience to modern-day phishing attacks. The updates bring a customized, contextual approach to social engineering testing and go beyond basic phishing campaigns to simulate advanced techniques such as device code and OAuth application phishing and capturing multi-factor authentication tokens.

NetSPI has identified opportunities to update its processes and tooling to create efficiencies, cost savings, and scalability. The phishing tests follow NetSPI’s platform-driven, human-delivered methodology, leveraging a combination of technology and manual testing to customize engagements and more accurately simulate adversaries based on business context. All tests are managed and delivered in NetSPI’s Pentesting as a Service (PTaaS) platform, to provide a streamlined program management experience.

Social engineering remains one of the top ways adversaries gain access to environments and sensitive information. Phishing attempts are becoming more sophisticated and less recognizable. The use of emerging technologies such as artificial intelligence (AI) has redefined and reimagined traditional phishing attacks, creating widespread impact. 

“Phishing remains a persistent threat to any organization. It is imperative for organizations to continuously evaluate their resiliency to phishing as adversaries continue to evolve and develop new, advanced techniques,” says Patrick Sayler, Director of Social Engineering at NetSPI. “To better reflect the challenges our clients are facing today, we’ve updated our social engineering testing capabilities to deploy modern, advanced techniques that more accurately evaluate an organization's defense against these attacks at a larger scale.” 

In tandem with the increased risk and sophistication, this news comes during Cybersecurity Awareness Month, which is led by the National Cybersecurity Alliance and the Cybersecurity and Infrastructure Agency (CISA). NetSPI has signed on to be a Champion of the initiative which brings organizations together to promote cybersecurity awareness and best practices for data protection.  

This year, the organizations are bringing awareness to four critical steps to stay safe online, one of which is to “recognize and report phishing.” NetSPI’s enhancements align with their mission and aim to not only help organizations evaluate their security awareness programs and policies, but also demonstrate the potential impact of a successful phish and provide clear, actionable recommendations for program improvement. 

To learn more about NetSPI’s social engineering penetration testing solutions, visit: https://www.netspi.com/security-testing/social-engineering

About NetSPI

NetSPI is the global leader in offensive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts are committed to securing the world's most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. 

Media Contacts: 
Tori Norris, NetSPI 
victoria.norris@netspi.com
(630) 258-0277  

Jessica Bettencourt, Inkhouse for NetSPI 
netspi@inkhouse.com
(774) 451-5142

Post: NetSPI Enhances Social Engineering Penetration Testing Solutions During Cybersecurity Awareness Month
Excerpt: Read how NetSPI’s enhanced social engineering penetration testing can help organizations better protect themselves against the sophisticated techniques behind modern-day phishing attacks.
URL: https://www.netspi.com/?p=31292 (last modified 2023-10-18)

Next post, published 2023-10-05:

NetSPI’s BAS solution recognized as a top cybersecurity offering to improve threat detection and build resiliency against adversaries.

Minneapolis, MN – October 5, 2023 – NetSPI, the global leader in offensive security, today announced it has been named the “Breach and Attack Simulation (BAS) Solution of the Year” in the 2023 CyberSecurity Breakthrough Awards, which recognize the top companies, technologies, and products in the global information security market. NetSPI’s award-winning BAS solution combines the company’s cloud-native BAS technology platform with its offensive security experts’ hands-on counsel to bring continuous testing of an organization's detective controls against real-world attack tactics, techniques, and procedures (TTPs).

“Against the backdrop of an evolving, complex threat landscape, ‘secure by default’ is no longer enough to protect an organization. BAS has become a critical component of an organization’s offensive security strategy, significantly improving threat detection and response,” said Vinay Anand, Chief Product Officer at NetSPI. “During a time when proactive, always-on security is needed most, we’re honored to be recognized this year by the Cybersecurity Breakthrough Awards for our market-leading innovation. This recognition is also a testament to the team’s client-first mindset and innovative spirit that we emulate daily.” 

NetSPI data shows that 80% of common attack behaviors are missed by EDR, SIEM, and MSSP out-of-the-box solutions, creating a dire need for faster and more accurate threat detection and response. With NetSPI’s BAS offering, organizations benefit from in-depth detective control validation, SOC team education and support, and sophisticated attack play execution needed to ensure continuous testing and improvement, helping stop threats in their tracks and build resiliency. 

To experience NetSPI’s award-winning Breach and Attack Simulation solution in action, contact us or watch our demo, featuring NetSPI VP of Research Scott Sutherland.

https://youtu.be/Si3hFNEFE7Q?si=wrrayitIi23VOCdx

To learn more about this year’s CyberSecurity Breakthrough Awards winners, the full list can be viewed here.   

About NetSPI 

NetSPI is the global leader in offensive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity, NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts are committed to securing the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. Follow NetSPI on Facebook, Twitter, and LinkedIn.

NetSPI Media Inquiries: 

Tori Norris, NetSPI
victoria.norris@netspi.com
(630) 258-0277 

Jessica Bettencourt, Inkhouse for NetSPI
netspi@inkhouse.com
(774) 451-5142 

Post: NetSPI Wins Breach and Attack Simulation Solution of the Year in the 2023 CyberSecurity Breakthrough Awards
Excerpt: Learn why NetSPI’s BAS solution was recognized as a top cybersecurity offering to improve threat detection and build resiliency against adversaries.
URL: https://www.netspi.com/?p=31185 (last modified 2023-10-05)

Next post, published 2023-09-28:

2023 is sure to be remembered as the year of artificial intelligence (AI). With the rapid adoption of ChatGPT, the rise of new job titles like “Prompt Engineer,” and nearly every workforce researching how the technology could be applied to their industry — AI entered the scene as a force to be reckoned with. 

NetSPI joined in with the launch of AI Penetration Testing to help teams bring their AI/ML implementations to market while staying confident in the security of their creations. We launched this new solution at Black Hat, which also saw a strong theme of AI technologies from attendees and vendors across the conference. Read our show recap here.

These are just a few headlines showing how AI took center stage in 2023. But at a high level, AI is still in its infancy. Teams are researching how they can use this new technology, and the results will continue to play out in coming years.  

With this in mind, we wanted to understand how our cybersecurity partners have approached AI so far and where they see opportunities to utilize it going forward. Read on to hear perspectives on AI in cybersecurity from several security experts.

Meet the Contributors 

This roundup includes contributions from NetSPI Partners and NetSPI’s Managing Director, Phil Morris. Learn more about our Partner Program.

How do you envision AI enabling the cybersecurity industry?  

“Artificial Intelligence stands to be a viable force multiplier for organizations that embrace it, unlocking the power of dormant data and drastically speeding time to insight. AI is transforming the industry by increasing efficiency and saving time by automating tasks. AI automation will serve as the framework for all industries and will be a key player with tasks and projects. AI algorithms have become a huge contributor to marketing campaigns as AI is predicting consumer behaviors and trends.” 

Daniel Alonso, Flagler Technologies Technologist 

“Artificial intelligence is a powerful tool for enhancing security and compliance. Algorithms capable of analyzing massive amounts of data can quickly identify threats, flag vulnerabilities and misconfigurations, and prevent attacks. By continually analyzing systems, controls, and processes against security frameworks and regulatory standards, AI and automation tools can alert security teams to any deviations or potential security risks. This real-time visibility increases overall efficiency and frees security teams to focus on complex, high-priority business initiatives.” 

Shrav Mehta, Secureframe CEO 

“Machine Learning and similar predictive analysis is already used extensively to identify patterns. Sometimes those patterns identify a ‘baseline’ so that outliers can be identified faster, and sometimes those patterns can be how adversaries explore and attack your network.
Generative AI (now just referred to as ‘AI’), is really a ‘word predictor’ in that it absorbs a corpus of data, trains itself to predict language patterns in that data, and then uses those patterns to predict how to answer a question based on that corpus of data (or one similar to it). So, whenever you have lots of data— typically unstructured or overly ‘messy’ data stored in persistent storage or coming through complex data streams, GenAI can help you make some sense of it.
I think that where we’re going to see a lot of experimentation is with the idea of ‘mini-AIs’, where we’ve built or extended a general AI model to be used as a niche platform to help us solve a more specific use case. We’re seeing that now in large language models being used to identify how to ‘hack’ a network or organization, and Microsoft is using that model in the development of its many ‘CoPilots’.”   

Phil Morris, NetSPI Managing Director 

“At Fellsway Group, we see AI as a transformative force that has the potential to revolutionize industries across the board. The application of AI technologies opens a world of opportunities for businesses to enhance efficiency, optimize processes, and drive innovation. Across industries, we envision AI enabling: 

  1. Process Optimization: AI can analyze vast amounts of data in real-time, identifying patterns, trends, and anomalies that humans might miss. This capability allows for the optimization of complex manufacturing processes, supply chain management, and resource allocation. 
  2. Predictive Maintenance: AI-powered predictive maintenance can help organizations reduce downtime and operational costs by identifying potential equipment failures before they occur. This approach allows for timely maintenance and prevents costly breakdowns. 
  3. Quality Control: AI-driven quality control systems can ensure product consistency and minimize defects by detecting minute variations that might go unnoticed through traditional inspection methods. 
  4. Personalized Marketing: AI can analyze customer data to create highly targeted marketing campaigns, tailoring product recommendations and offers based on individual preferences and behaviors. 
  5. Supply Chain Management: AI can optimize supply chain logistics, predicting demand patterns, optimizing inventory levels, and enhancing delivery routes to reduce costs and improve overall efficiency. 
  6. Safety and Risk Mitigation: AI-enabled sensors and systems can monitor safety conditions in hazardous environments, reducing risks to human workers. Additionally, AI can model and simulate potential risks to identify ways to mitigate them.” 

Steve Leventhal, Fellsway Group Managing Partner, and Robert Bussey, Fellsway Group Lead Consultant

“AI will be a tool that security teams can use for multiple purposes. It will help them process massive amounts of data, allow them to scale with smaller teams and help the security operators get to the information that requires real intelligence to decipher. It will also help them write automation into their processes by providing code snippets and reusable functions to get to their end automation goals more rapidly.” 

Tim Ellis, Right! Systems, Inc. Chief Information Security Officer 

On the other hand, what risks or drawbacks do you see associated with AI? 

“AI aligns with the ethical position of the user; it can be used for negative purposes as easily as it can be used for the betterment of humanity. AI is so powerful and disruptive that there can be concerns for privacy and potential market volatility. This is a key reason getting ahead of the AI intelligence in your industry is so important.” 

Daniel Alonso, Flagler Technologies Technologist 

“There are a few potential risks organizations must consider when evaluating and implementing AI tools. First and foremost is avoiding over-reliance on AI. For example, generative AI can be used for policy creation, but at best AI algorithms can generate baseline policies that will need human input and expertise to be tailored to the organization.
It’s also important to understand accuracy when querying AI, especially for platform-specific configurations and deep troubleshooting. For example, organizations may be using GitHub Copilot to generate code, but the tool might not have access to the company’s entire codebase to know best practices. As a result, it might generate code with security flaws or code that does not follow the standards set in the rest of the system.
Finally, it’s essential for companies to consider data security and privacy when using AI tools. As with any vendor, knowing what data is shared and how it’s used is incredibly important for your overall security posture. When evaluating AI vendors, find out if there’s a way to ensure only anonymized data is flowing into the tool, as well as where data is being stored and processed and how long it’s retained.” 

Shrav Mehta, Secureframe CEO

“Despite the hype that we’ve all seen over the first half of 2023, I don’t think that ‘AI’ projects are going to be successful without keeping a human component in the mix — it’s just too unreliable and lacks context in high-risk situations. 
That might change, but if I were exploring business cases in healthcare, life sciences, or financial advising, I’d be hesitant to just “take the system’s word for it.” Remember, experience shows that more than 90 percent of AI/ML projects end up being rated, shall we say, less than successful.
From my research it seems that most of the issues are not technical ones, but are concerned around the problems that the business is trying to solve and/or are based on some mistaken assumptions about both the results of the project and how the system or platform is built to get to that point. To many teams, this tech is just close enough to what they’ve been working with to seem like an easy reach, but in truth it’s a whole new way to look at projects and outcomes.” 

Phil Morris, NetSPI Managing Director 

“For the security operations team, a significant risk with AI is trusting it too much. AI isn’t actually intelligent, it just can often do a good job of appearing to be intelligent. At the end of the day, it’s just a tool and if you don’t have great human intelligence utilizing that tool and corralling what the output is you will end up with garbage output and holes in your defenses. The other risk that AI brings is on the attacker side. Since AI is just a tool, the same technology can be used to bring down defenses in ever more aggressive ways — and attackers are already quite good at automation. Attackers also don’t suffer the downside risk of AI making mistakes because mistakes are unlikely to hurt them at all.”  

Tim Ellis, Right! Systems, Inc. Chief Information Security Officer 

“While the potential benefits of AI are vast, it's important to acknowledge and address the potential risks and drawbacks: 

  1. Bias and Fairness: AI systems can inadvertently inherit biases present in the data they are trained on, leading to biased outcomes and unfair decisions. 
  2. Job Displacement: Automation through AI could lead to job displacement in certain industries, potentially impacting the workforce. 
  3. Security Concerns: As AI systems become more interconnected and integrated, they could become targets for cyberattacks if not properly secured. 
  4. Privacy Issues: The use of AI in data analysis can raise concerns about the privacy and security of personal and sensitive information. 
  5. Ethical Considerations: Decisions made by AI systems might not always align with human ethical values, leading to difficult ethical dilemmas.” 

Steve Leventhal, Fellsway Group Managing Partner, and Robert Bussey, Fellsway Group Lead Consultant

Can you share any advice for how security teams can approach getting started with AI? 

“Yes—forget about losing your job to an AI platform—that isn’t going to happen, and if your C-suite is planning layoffs due to their new AI project, you should probably be working somewhere more grounded in the first place. 
I came into it via my analytics background, but I quickly discovered that—like many other emerging technologies of the past—things like security, privacy, and auditability haven’t been figured into the equation. If you can poison a training dataset, you’ve corrupted a model, and thousands (or millions) of dollars could be spent before you realize that. Alternatively, training data has huge privacy risks (and now, copyright risks) that need to be considered. 
AI is based on data and AI projects are based on well-known data processing pipelines, so don’t be overwhelmed by asking standard security- and risk-related questions — just don’t expect easy answers. Having a partnership with subject matter experts who understand how these systems are grown, how they evolve, and how they need to be protected is a good first step. Then you can learn from them and specialize wherever your heart takes you.”  

Phil Morris, NetSPI Managing Director 

“Absolutely. AI is typically used to answer a question or correlate data to provide a condition. Make sure your security data, syslog, streams, and all other relevant points are part of your solution’s result! Continuing to improve security policies and identifying new risks will be at the forefront for security teams in tech.”

Daniel Alonso, Flagler Technologies Technologist 

“Security teams must create an AI strategy that’s aligned with the organization’s overarching business and security objectives. AI-powered tools can help with a range of challenges, from complex tasks like continuous security monitoring, intelligent threat detection, and faster incident response, to simple tasks like creating new tabletop exercise prompts. Security teams should start by identifying specific cybersecurity challenges AI can help address.”

Shrav Mehta, Secureframe CEO 

“I would recommend using vendor tools to start with on the data processing front. Look for vendors that are able to show clear ROIs in saving people time through their use of AI and machine learning. Everyone is promising this but not everyone is delivering so be careful to analyze the vendor’s claims for real outcomes and talk to references that have their own ROI models if possible.” 

Tim Ellis, Right! Systems, Inc. Chief Information Security Officer 

“For security teams looking to leverage AI, here are some key steps to consider: 

  1. Education and Training: Ensure that your security team has a solid understanding of AI concepts, algorithms, and potential applications in the security domain. 
  2. Identify Use Cases: Identify specific use cases where AI can enhance security operations, such as threat detection, anomaly detection, and fraud prevention. 
  3. Data Preparation: Data is crucial for training AI models. Gather high-quality, diverse, and relevant data to build effective AI systems. 
  4. Collaborate with Experts: Work with AI experts and data scientists to develop and implement AI solutions tailored to your security needs. 
  5. Test and Validate: Thoroughly test AI models in controlled environments to ensure their accuracy, robustness, and effectiveness before deploying them in critical security operations. 
  6. Monitor and Update: Continuously monitor AI systems for performance and adapt them as new threats and challenges emerge. 
  7. Ethical Considerations: Keep ethical considerations at the forefront. Ensure transparency, fairness, and accountability in AI-driven security decisions. 

By approaching AI implementation with a well-informed and strategic mindset, security teams can harness its power while mitigating potential risks. At Fellsway Group, we believe that responsible and thoughtful integration of AI can lead to significant advancements in industry and security alike.” 

Steve Leventhal, Fellsway Group Managing Partner, and Robert Bussey, Fellsway Group Lead Consultant 

These responses convey the research, hard work, and preparation that goes into determining how a company can best apply AI in their day-to-day business. One recurring theme is the need to include human analysis to verify data going into AI models and the results coming out. After all, AI can only be as smart as the person using it.  

Interested in sharing your perspective with us? Tweet us anytime @NetSPI.  

This article was written in collaboration with NetSPI’s Partners. Learn more about becoming a NetSPI partner here.

Post: Shaping the Future of AI and Cybersecurity
Excerpt: Gain insights from NetSPI’s diverse business partners on how IT and security teams are using AI in cybersecurity today and in the future.
URL: https://www.netspi.com/?p=31131 (last modified 2023-09-28)

Next post, published 2023-09-28:

Niloo will leverage her experience leading corporate and product strategies across the cybersecurity industry to support NetSPI’s future growth.

Minneapolis, MN – September 27, 2023 – NetSPI, the global leader in offensive security, today announced the appointment of Niloo Razi Howe to its Board of Directors. Niloo brings an incredible track record of supporting companies equipped for major market disruption and will support NetSPI at a pivotal moment as the company revamps its product strategy. 

“The attack surface is expanding as new technologies are implemented at a breakneck pace. If you’re not continuously validating your security posture, you’re leaving your business wide open to evolving threats,” shared Niloo. “Having an offensive, adversarial mindset is critical to figuring out how to secure your business and build resiliency. I’m thrilled to support the NetSPI team as they continue to build solutions to these real, table stakes issues and help organizations get proactive with their security.” 

Niloo has been an investor, executive, and entrepreneur in the technology industry for the past 25 years, with a focus on cybersecurity for the past 15. She currently serves on the Boards of Directors of Pondurance, Tenable, Composecure, Recorded Future, and Swimlane, among other notable cybersecurity companies. Prior to these appointments, Niloo was the Chief Strategy Officer for global cybersecurity companies RSA and Endgame, where she led corporate strategy, development, and planning. Niloo also serves on several US government advisory boards, including the Cybersecurity Infrastructure Security Agency’s (CISA) Advisory Council.

“Niloo’s experience advising and leading high-growth, innovative cybersecurity companies is unmatched,” said Aaron Shilts, CEO at NetSPI. “She is exceptional at looking to the future and determining how organizations must adapt and evolve to succeed – and we couldn’t be more excited to have her join NetSPI during this period of evolution and disruption in offensive security.”

This appointment follows consecutive years of high growth for NetSPI. In 2022, the offensive security company achieved 58 percent organic revenue growth, driven by continuous adoption of its Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) platforms. Niloo will be instrumental in advising NetSPI’s product roadmap and vision.  

Learn more about NetSPI, its leadership team, and Board of Directors at https://www.netspi.com/about-us/.  

About NetSPI 

NetSPI is the global leader in offensive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts are committed to securing the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India. 

Media Contacts:
Tori Norris, NetSPI
victoria.norris@netspi.com
(630) 258-0277

Jessica Bettencourt, Inkhouse for NetSPI
netspi@inkhouse.com
(774) 451-5142

Post: Niloo Razi Howe Joins NetSPI Board of Directors
Excerpt: Learn how Niloo will leverage her experience leading corporate and product strategies across the cybersecurity industry to support NetSPI’s future growth.
URL: https://www.netspi.com/?p=31144 (last modified 2023-09-28)

Next post, published 2023-09-26:

As businesses continue to embrace the cloud, the spotlight falls on safeguarding their growing digital environment. At Black Hat, NetSPI VP of Research Karl Fosaaen sat down with the host of the Cloud Security Podcast Ashish Rajan to discuss all things Azure penetration testing. In an era of constantly evolving technology and escalating cyber threats, voices like Karl's become the bedrock of resilience for today’s cloud security. 

Catch the highlights below and watch the full episode here.

https://youtu.be/nmBP8KcrPI8?si=WGDWMra85sIAKOdQ

How is Azure pentesting different than AWS pentesting? 

Each cloud provider has its own identity platforms, so working within the platforms will be inherently different. For example, in AWS you might have IAM accounts, policies, roles, and groups, but within Azure, you've got a completely separate identity system through Azure Active Directory, soon to be Entra ID. 

“There's a lot of overlap between the two different cloud providers — or any different cloud provider. When we built up our methodologies for doing cloud pentesting, we tried to make the methodologies vendor agnostic so they'd apply to any cloud vendor we're working with.” 

Is cloud pentesting just configuration review? 

Configuration review is an important component of cloud pentesting, but from our perspective it is a component that informs the pentesting. Configuration review focuses on seeing what’s exposed to the internet, or what the internal networking looks like across virtual networks. Pentesting takes it to the next level by trying to find application and network vulnerabilities, and abuses of those misconfigurations, that could be used to gain access.

“I think that's the key component that might be missing for folks who see cloud pentesting as just config review. To actually pentest it, we have to exploit the vulnerabilities and show the potential impact there.” 

How would you compare cloud pentesting to network pentesting?  

There’s a lot of overlap between cloud pentesting and network pentesting. Karl’s background is in external and internal network pentesting, and a lot of the skills he gained early in his career carry over to cloud pentesting. Many organizations bring their on-prem applications and virtual machines up into the cloud, so the core principles of network security apply to the cloud too.  

“Those same pentesting principles that we had from network pentesting of identifying live services, seeing how we can exploit them, trying to identify vulnerabilities, it's the same kind of ideas just applied to the cloud context.” 

What's your thought process when you go down the path of an Azure penetration test? What's your first step?  

Every engagement is unique, so the approach depends on the resources within the environment. Start by establishing a baseline. For example, the AWS concept of passing a role to a service has a similar counterpart in Azure: managed identities that you can attach to a specific service. Start by looking at what managed identities exist, what roles the resources hold, where things attach, and who has rights to what, and use that to formulate a path toward compromising an asset that could allow you to pivot to something else. Escalating this way builds out a mental map that provides a baseline of the environment you are in.

“It's really just getting a rough idea of what's in the environment, situational awareness, identifying where your attack paths might be, and additionally, where the identities are.”  

Hear Karl and Ashish talk in-depth by listening to the full episode on Cloud Security Podcast’s LinkedIn page. If you’re interested in improving your Azure Penetration Testing skills, then sign up for a chance to win a signed copy of Karl’s book and be the first to know when NetSPI’s Dark Side Ops workshops open!

Title: Power Up Your Azure Penetration Testing
Excerpt: Level up your cloud security skills with NetSPI’s VP of Research Karl Fosaaen on how to apply cloud security measures to Azure penetration testing.
Permalink: https://www.netspi.com/?p=30941 (last modified 2023-10-31)

Published 2023-09-19

Help Net Security interviews Scott Sutherland, VP of Research at NetSPI, about the intricacies of NetSPI's Breach and Attack Simulation (BAS) platform and how its features – from customizable procedures to advanced plays – help organizations maximize their ROI. Read the preview below or view it online.

+++

Can you provide a high-level overview of NetSPI’s Breach and Attack Simulation platform and what makes it unique?

We deliver a centralized detective control platform that allows organizations to create and execute customized procedures utilizing purpose-built technology and professional human pen-testers. Simulate real-world attack behaviors, not just IOCs, and put your detective controls to the test in a way no other organization can.

Can you speak to how organizations can visualize ROI through the NetSPI platform?

Breach and Attack Simulation solutions should help provide ROI in a variety of ways:

  • BAS solutions should provide data insights into where your detective and preventative control gaps are so you can make intelligent choices about where to invest your security dollars. This should include point-in-time and over-time reporting to justify or validate investments meaningfully. For example, this should include visualizations showing how investments in new data sources can increase alert coverage for common attack behaviors. Another typical example would be visualizing the increase in detection rule coverage that results from adding another detection engineer.
  • Recruiting, training, and educating pentest and SOC teams can take time and money. Most BAS tools should include educational material that your teams can use to understand how to execute and detect common attack behaviors within the application. This can save both time and money in the long run.
  • There are hundreds, if not thousands, of hacker tools. Researching, installing, and running them to simulate the newest malicious behavior can be time-consuming and risky if the mechanisms are better understood. BAS solutions can take that off your team’s plate so they can focus on doing the job of simulation, detection engineering, and control validation/tuning.
  • Finally, tracking the average ransomware trends can help people estimate the potential cost of the ransomware incidents that BAS solutions are designed to help prevent and detect.

...

Continue reading at https://www.helpnetsecurity.com/2023/09/19/netspi-breach-and-attack-simulation-platform/.

Title: Help Net Security: An Inside Look at NetSPI’s Impressive Breach and Attack Simulation Platform
Excerpt: Help Net Security interviews Scott Sutherland, VP of Research at NetSPI, on the Breach and Attack Simulation (BAS) platform and its unique features.
Permalink: https://www.netspi.com/?p=31323 (last modified 2023-10-20)

Published 2023-09-14

NetSPI Director of IoT and hardware pentesting Larry Trowell was featured in a Network Computing article on five tips network managers can take to get started with industrial network security. Read the preview below or view it online.

+++

What skills do network managers really need to properly secure industrial networks? What new protocols, frameworks, and regulations are important? And what conferences and certifications can help? Here are five tips to get started.

Whether you’re working in a water treatment plant or running the infrastructure for an energy company, network managers need training in the right skill sets to avoid cyber-attacks. Many options exist for technologists to address the cybersecurity skills gap in the Industrial Internet of Things (IIoT).

“There is no one-size-fits-all guideline for the skills and staff required to effectively and (equally important in the real world) efficiently secure an industrial system,” says John Pescatore, director of emerging security trends at the SANS Institute. “The overall maturity of IT operations and governance is a huge driver.”

Pescatore adds that “sloppy IT administration is the biggest driver behind most security incidents.”

Here are five tips on acquiring the skills needed in an IIoT environment:

1) Attend industry conferences

To gain knowledge in IIoT, attend training sessions in industrial control systems at the annual Black Hat conference, recommends Larry Trowell, director at penetration-testing company NetSPI. (Black Hat is owned by the same parent company as Network Computing.)

“It’s a two-day course and the best training I’ve seen for IIoT networks,” Trowell says. “It gives a basic overview and covers how to do passive analysis and wireless and software configurations.”

Become familiar with the operations technology (OT) mindset and architecture, advises Anand Oswal, senior vice president and general manager of network security at Palo Alto Networks. “The OT mindset is all around uptime, safety, and security, and we need to be familiar with that mindset.”

...

You can read the full article at https://www.networkcomputing.com/data-centers/industrial-iot-security-skills-and-certifications-essentials!

Title: Network Computing: Industrial IoT Security Skills and Certifications: The Essentials
Excerpt: NetSPI Director of IoT and hardware pentesting Larry Trowell was featured in a Network Computing article on five tips network managers can take to get started with industrial network security.
Permalink: https://www.netspi.com/?p=31590 (last modified 2023-12-15)

Published 2023-09-12

NetSPI Field CISO Nabil Hannan shares advice on key vulnerabilities to be aware of during National Insider Threat Awareness Month. Read a preview below or view it online here.

+++

National Insider Threat Awareness Month (NITAM) is an annual, month-long campaign that takes place in September to educate government and industry about the risks posed by insider threats and the role of insider threat programs. This year's theme is "Bystander Engagement," which emphasizes the importance of all employees being aware of and reporting suspicious activity.

Insider threats are one of the most significant security risks facing organizations today. They can come from a variety of sources, including disgruntled employees, malicious insiders, and careless insiders. Insider threats can cause significant damage to an organization, including data breaches, financial losses, and reputational harm.

NITAM is a critical opportunity for organizations to raise awareness of insider threats and to implement effective insider threat programs. By educating employees about the risks and by encouraging them to report suspicious activity, organizations can help to protect themselves from insider threats.

Expert Commentary

In this round up article, we will be sharing commentary from a number of industry experts on the importance of insider threat awareness. We hope that this article will help to raise awareness of insider threats and that it will encourage organizations to take the necessary steps needed to protect themselves.

Nabil Hannan, Field CISO, NetSPI

"This National Insider Threat Awareness Month, it’s important to raise awareness around some of the most commonly exploited vulnerabilities within an organization’s internal network. According to NetSPI’s 2023 Offensive Security Vision Report – which is based on more than 300,000 pentesting engagements – we found that excessive internal permissions continue to plague organizations. We witnessed network shares or SQL servers that unintentionally allowed access to all domain users, which often contain sensitive information, credentials to other services, or customer data (such as credit card numbers or PII). Unexpected excessive privileges lead to a large number of internal users having access to unintended sensitive data. All it takes is one rogue employee to cause major damage.

Additionally, weak or default passwords continue to be used within organizations, especially when accessing internal networks that contain highly sensitive information. Unlike interfaces exposed externally, interfaces on the internal network typically don’t require multi-factor authentication, making the likelihood of compromise much greater. Basic security hygiene, as well as an understanding of internal sharing protocols, can provide a solid foundation in bolstering protection against insider threats."

Read the full article at https://vmblog.com/archive/2023/09/12/national-insider-threat-awareness-month-2023-expert-roundup-bystander-engagement.aspx.

Title: VMblog: National Insider Threat Awareness Month 2023 Expert Roundup
Excerpt: NetSPI Field CISO Nabil Hannan shares advice on key vulnerabilities to be aware of during National Insider Threat Awareness Month.
Permalink: https://www.netspi.com/?p=31054 (last modified 2023-09-14)

Published 2023-09-07

NetSPI CISO Norman Kromberg was featured in CSO's latest article on emerging threats in 2023. Read a preview below or view it online here.

+++

In cybersecurity’s never-ending cat-and-mouse game with hackers and grifters, the threats are always evolving. Here are some of the main attacks experts see as the biggest and baddest on the horizon.

Companies using Microsoft Teams got news earlier in the summer of 2023 that a Russian hacker group was using the platform to launch phishing attacks, putting a new spin on a long-known attack strategy. According to Microsoft Threat Intelligence, the hackers, identified as Midnight Blizzard, used Microsoft 365 tenants owned by small businesses compromised in previous attacks to host and launch new social engineering attacks.

Threats evolve constantly as hackers and grifters gain access to new technologies or come up with new ways to exploit old vulnerabilities. "It's a cat and mouse game," says Mark Ruchie, CISO of security firm Entrust.

Phishing remains the most common attack, with the 2023 Comcast Business Cybersecurity Threat Report finding that nine out of 10 attempts to breach its customers' networks started with a phish.

The volume and velocity of attacks have increased, as have the costs incurred by victims, with the 2022 Official Cybercrimes Report from Cybersecurity Ventures estimating that the cost of cybercrime will jump from $3 trillion in 2015 to a projected $10.5 trillion in 2025.

At the same time, security leaders say they see new takes on standard attack methods -- such as the attacks launched by Midnight Blizzard (which has also been identified by the names APT29, Cozy Bear and NOBELIUM) -- as well as novel attack strategies. Data poisoning, SEO poisoning and AI-enabled threat actors are among the emerging threats facing CISOs today.

"The moment you agree to be a CISO, you agree to get into a race you never win completely, and there are constantly evolving things that you have to have on your screen," says Andreas Wuchner, field CISO for security company Panaseer and a member of the company's advisory board.

...

Preparing for what's next

A majority of CISOs are anticipating a changing threat landscape: 58% of security leaders expect a different set of cyber risks in the upcoming five years, according to a poll taken by search firm Heidrick & Struggles for its 2023 Global Chief Information Security Officer (CISO) Survey.

CISOs list AI and machine learning as the top themes in most significant cyber risks, with 46% saying as much. CISOs also list geopolitical, attacks, threats, cloud, quantum, and supply chain as other top cyber risk themes.

Authors of the Heidrick & Struggles survey noted that respondents offered some thoughts on the topic. For example, one wrote that there will be "a continued arms race for automation." Another wrote, "As attackers increase [the] attack cycle, respondents must move faster." A third shared that "Cyber threats [will be] at machine speed, whereas defenses will be at human speed."

The authors added, "Others expressed similar concerns, that skills will not scale from old to new. Still others had more existential fears, citing the 'dramatic erosion in our ability to discern truth from fiction.'"

Security leaders say the best way to prepare for evolving threats and any new ones that might emerge is to follow established best practices while also layering in new technologies and strategies to strengthen defenses and create proactive elements into enterprise security.

"It's taking the fundamentals and applying new techniques where you can to advance [your security posture] and create a defense in depth so you can get to that next level, so you can get to a point where you could detect anything novel," says Norman Kromberg, CISO of security software company NetSPI. "That approach could give you enough capability to identify that unknown thing."

You can read the full article at https://www.csoonline.com/article/651125/emerging-cyber-threats-in-2023-from-ai-to-quantum-to-data-poisoning.html.

Title: CSO: Emerging cyber threats in 2023 from AI to quantum to data poisoning
Excerpt: NetSPI CISO Norman Kromberg was featured in CSO's latest article on emerging threats in 2023.
Permalink: https://www.netspi.com/?p=31051 (last modified 2023-09-14)

Published 2023-09-01

Larry Trowell, NetSPI's Director of IoT and Embedded Pentesting, was featured in Network Computing's latest article on securing Industrial IoT (IIoT) networks. Read a preview below or view it online here.

+++

Misconfiguration, ransomware, and alert fatigue could lead to downtime on industrial IoT networks in industries such as manufacturing and energy.

As IT, cloud, and industrial networks come together in industrial environments like shipping ports, oil refineries, and factories, organizations are facing new security threats.

In fact, Cisco says 35% of its customers mention security as a top obstacle to IoT. In addition, in the report “The State of Industrial Security in 2022" from Barracuda Networks, 93% of businesses reported that an IIoT/OT security project had failed.

In an Industrial IoT (IIoT) environment, networks, switches, routers, and wireless equipment connect to sensors on physical machinery. Because IIoT networks incorporate automation, they could bring new efficiencies by collecting data at the edge and enabling visibility into issues ahead of time. This process is called the Fourth Industrial Revolution, or Industry 4.0.

“Industrial IoT is basically bringing the [operational technology (OT)] and the IT together to get deeper insights in process telemetry and to use that to really improve the efficiency or deliver new services,” explains Anand Oswal, senior vice president and general manager of network security at Palo Alto Networks, in an interview.

These devices are typically built on a flat Layer 2 segmented architecture, according to Oswal. Flat networks link devices to a single switch rather than separate switches, and Layer 2 is the data layer in the International Organization for Standardization (ISO) reference model for system interconnection.

As “things” get connected, network operators must pay more attention to the attack surface, Oswal notes.

“Threats move laterally, and exposure of formerly isolated OT systems may cause potential cyber threats from the IT domain and back and forth,” Oswal says. “Many of these IoT systems are part of larger operations. If these systems are disrupted, there could be loss of important data telemetry that lead to production decisions, poor analytics, or stoppage of operations,” Oswal notes. It could also lead to loss of life.

The Pace of Patching in Industrial IoT

Industries like manufacturing and oil and gas use older legacy systems that are lacking in security systems and were not designed for patching, explains Larry Trowell, director at penetration-testing company NetSPI.

“While these systems get the job done well when maintained, they were not necessarily built with modern security in mind,” he says.

...

You can read the full article at https://www.networkcomputing.com/network-security/patching-vs-uptime-what-you-need-know-about-securing-industrial-iot-networks.

Title: Network Computing: What You Need to Know About Securing Industrial IoT Networks
Excerpt: Larry Trowell, NetSPI's Director of IoT and Embedded Pentesting, was featured in Network Computing's article on securing Industrial IoT (IIoT) networks.
Permalink: https://www.netspi.com/?p=31047 (last modified 2023-09-14)

Published 2023-08-29

Learn about the journey to CREST certification directly from our offensive security consultants. CREST certification is an accreditation that establishes professional standards for penetration testing. 
 
This Q&A between NetSPI EMEA Services Director Sam Kirkman and Senior Security Consultant Tyler Sullivan takes you through the process to achieve the CREST Certified Tester (CCT) qualification and how it enables NetSPI to better serve clients across the globe. 

Watch the video below or read along with the Q&A.

https://www.youtube.com/watch?v=4tnLOf2nne8

Tyler, why don't you start off with a bit of an intro about yourself?

“I first got into cybersecurity while I was at university doing computer science and found it to be really interesting and had a real passion for it. So, I did my dissertation on cybersecurity. And after university, I was lucky enough to land a graduate job as a consultant. And this was sort of where my journey really began. I did a lot of web application testing and a lot of infrastructure testing, but particularly enjoyed web testing [...] And so that led me down the route of getting some qualifications in web security. And I went for and have achieved the CREST certification.” 

Why is it important to achieve CREST certification?

In the UK in particular, CREST is a respected and well-known organisation. They accredit a lot of companies and certify a lot of individuals, so it’s a logical path for penetration testers to go down. Traditionally, individuals start out with the CREST Practitioner Security Analyst (CPSA) examination.

For a security consultant just starting out, it's useful to have passing the CPSA examination as a first goal. As consultants learn more about cybersecurity, they can move on to the CREST Registered Tester (CRT) exam.

“What really drove me towards those exams initially was that it made sense logically and had a progression. But also, they’re well respected and challenging exams. If it’s difficult to get [these certifications], they're going to come with a lot of respect and really showcase your web skills.” 

What is the journey like to pass the CPSA exam? Is it challenging right from the start?

When you’re working toward CPSA, it can seem a bit daunting as your first qualification in the industry. At first, there are a lot of simple fundamentals to learn but at the same time, it can be challenging as a new professional in the industry. The timeline between the exams is well laid out, which makes it manageable.  

The CPSA is helpful because it teaches the necessary fundamentals, while the CRT covers a little bit of everything and goes much deeper on web and infrastructure testing. By the time you are preparing for these exams, you should be at least a mid-level tester.

When you get to the specific specialties, either application testing (CCT App) or infrastructure testing (CCT Inf), that's when you put your head down and focus. The final stage is broken into two additional parts: a multiple-choice section, which is similar to CPSA but much harder and covers a lot more information, and then the practical exam, an assault course and a scenario that together last about a day.

“I found the exam really tough, but really rewarding [...] By the end of it, your brain is fried, because it's just a really tough exam. But yeah, I passed in February last year and it's probably my best achievement in the industry so far.” 

Does being CREST-certified change the way you can have conversations with customers and the way that they look at you as well?

CREST is well known in the UK especially because a lot of companies and clients do look for CREST certification and accreditation. One thing that is useful is that when you’re speaking with a client, you can be introduced as a CREST-certified tester. When clients look it up, they’ll see that it’s one of the best, most comprehensive web exams in the UK and one of the best in the world if you’re looking globally.  

Overall, being CREST-certified makes it easier because clients can see that you’re knowledgeable. If you have this qualification, it shows that not only do you have theory knowledge, but also practical real-world cybersecurity experience and pentesting experience. 

Do the skills developed during CREST exams help in the real world and in your day-to-day job as a penetration tester?

Knowledge from the exam is useful in day-to-day job scenarios. The exam teaches you how to deal with problems and unexpected inputs and scenarios, which is basically what penetration testing is. It's seeing something you haven't seen before and knowing how to apply certain theories that you've learned in different ways. And it's not always the same formula, it's very different each time.

The exam also has an element of reporting in there, which is obviously very important. At the end of the day, the report is what the client sees. And if you can't communicate the results properly, then the client is not able to fix what is shown in the results.  

The CREST certification provides a great base and advanced knowledge and enables you to venture out into very niche parts of cybersecurity. However, it’s important to always continue learning.  

“A lot of my learning happens outside of the qualifications as well. Being on the team here at NetSPI, there are a lot of talented people, not just talented in web security, but we have really good cloud people. It's hardware hackers, I don't think I've ever been in an environment where there are just so many specialists. And it's really good, because everything that you learn from even people that are doing hardware, hacking something so different. Being on the NetSPI team is a constant learning experience, I think in cybersecurity and penetration testing it's impossible to ever stop learning.”  

Qualifications provide structure and a sense of achievement. And in the cybersecurity industry, continual learning is always important as the threat landscape continues to evolve. You mentioned that you never stop learning, have you decided what comes next for you?

“I think at the moment, I'm really enjoying just being able to have the freedom to go investigate something, or potentially go develop something. So, I think as a cyber professional, you do have to be able to do a little bit of everything. So, I've done a lot of development work recently and I've been enjoying writing some plugins and things that helped me become a better tester and more efficient tester. For the time being, I’ll keep doing this for another two years, then I'll have to renew my CREST certification.”

Is NetSPI CREST-accredited?

Yes, NetSPI is a CREST member organisation and a CREST-accredited penetration testing service provider. You can find our profile online here.

Does NetSPI have CREST-certified consultants?

Yes, NetSPI employs multiple CREST-registered and -certified penetration testers. CREST Registered Tester (CRT) is a mid-level qualification. CREST Certified Tester (CCT) is the higher-level qualification, earned for either application testing (CCT App) or infrastructure testing (CCT Inf).

Partner with NetSPI’s team of expert pentesters

NetSPI’s team of expert pentesters is available to provide always-on security, whether you need to scope a new engagement, parse real-time vulnerability reports, prioritise remediation, or ensure compliance. Learn more about NetSPI’s penetration testing as a service (PTaaS) or schedule a demo to speak with our team directly.

Title: Q&A with Tyler Sullivan: The Journey to CREST Certification
Excerpt: Learn about the journey to CREST certification directly from our offensive security consultants and how the certification helps in day-to-day pentesting work.
Permalink: https://www.netspi.com/?p=30898 (last modified 2023-08-29)

Published 2023-08-29

NetSPI's new Minneapolis headquarters was announced in the Minneapolis-St. Paul Business Journal. Read about the move in the snippet below and online here: https://www.bizjournals.com/twincities/news/2023/08/29/netspi-north-loop-hq-sublease-new.html

+++

Minneapolis-based NetSPI is planning to move to a new North Loop headquarters, taking over half of the sublease space put on the market by Calabrio Inc. late last year.

The cybersecurity company will move into 60,000 square feet of space on the 11th and 12th floors of the Steelman Exchange building, at 241 Fifth Ave. N. Those floors – plus floors nine and 10 – are leased by Calabrio, a developer of call-center software, but were put up for sublease at the end of last year.

Read the full article here.

Post title: Minneapolis/St. Paul Business Journal: NetSPI moving to new North Loop HQ, takes over part of Calabrio sublease (last modified 2023-09-05)

---

Post: NetSPI Moves to New Minneapolis Headquarters to Accommodate Growth (published 2023-08-29)
The new, collaborative office space signals accelerated innovation and growth for the offensive security company.

Minneapolis, MN – August 29, 2023 – NetSPI, the global leader in offensive security, today announced its new headquarters location in the Steelman Exchange building in Minneapolis, Minnesota. The decision to move was prompted by the increasing employee headcount and the need for a more collaborative workplace as the company continues to experience rapid growth. In 2023 to date, NetSPI has hired 150+ employees, completed 2,733 offensive security assessments, and welcomed 238 new customers.

“The Steelman Exchange is the perfect fit for our team as we enter a momentous and pivotal year for NetSPI,” shared Aaron Shilts, CEO at NetSPI. “This investment in our workplace will nurture our continued growth, promote collaboration and innovation in offensive security, and ensure we maintain the unique culture that makes NetSPI so special.” 

There are several initiatives driving the offensive security company’s growth in 2023, including: 

  • Emphasis on defining NetSPI’s offensive security product roadmap and vision, driven by continuous adoption of the company’s Penetration Testing as a Service (PTaaS), Attack Surface Management (ASM), and Breach and Attack Simulation (BAS) platforms. 
  • Numerous innovations from the NetSPI Labs research and development team, including the launch of the Software as a Service (SaaS) Security Assessment and AI/ML Penetration Testing solutions, along with ongoing industry research and responsible disclosures, including two Azure vulnerability disclosures from the NetSPI cloud penetration testing team.
  • Recognition for its Attack Surface Management (ASM) solution by Gartner, Forrester, and the Global Infosec Awards. 
  • Expansion of the EMEA pentesting team and formalization of CREST and CHECK accreditations to perform mandated pentests in the region. 
  • Strategic leadership and Board of Directors appointments, including Vinay Anand as Chief Product Officer, Jay Golonka as Chief Financial Officer, Nick Walker as Director of EMEA, and Scott Lundgren and John Spiliotis as members of the Board of Directors. 
  • Exponential NetSPI Partner Program growth, with the introduction of 29 new partnerships in 2023 to date, including BMC Software, Optum, and Chubb. 
  • The release of NetSPI’s inaugural Offensive Security Vision Report, with valuable insights on the top vulnerabilities by attack surface, the state of remediation, and cybersecurity hiring trends. 
  • The acquisition of nVisium, which continues to support the scalability and delivery of its offensive security solutions.

NetSPI has been honored as a Top Workplaces USA winner for the past two years and as one of the best places to work in the state of Minnesota for three consecutive years. This year, the company ranked #12 on the midsize companies list, with special recognition for its innovation, employee appreciation, work-life flexibility, compensation and benefits, leadership, and purpose and values. 

“We will continue to prioritize flexible and remote work options as a company,” explained Heather Crosley, VP of People Operations. “At the same time, we recognize that an intentional space to connect in-person can make an incredible impact on our ability to collaborate, innovate, and deliver the best offensive security solutions globally. And that’s exactly what this new space is designed to do.” 

The move will take place in January 2024, and NetSPI will remain at its current headquarters at 800 N Washington Ave #670 in Minneapolis until then.

Michael Anderstrom at Colliers represented NetSPI in the transaction.  

Visit www.netspi.com/careers to explore open roles in Minneapolis and its other US, India, Canada, and UK locations.

https://youtu.be/mkzEKUN4RSU

About NetSPI

NetSPI is the global leader in offensive security, delivering the most comprehensive suite of penetration testing, attack surface management, and breach and attack simulation solutions. Through a combination of technology innovation and human ingenuity, NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. Its global cybersecurity experts are committed to securing the world’s most prominent organizations, including nine of the top 10 U.S. banks, four of the top five leading cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers and e-commerce companies, and many of the Fortune 500. NetSPI is headquartered in Minneapolis, MN, with offices across the U.S., Canada, the UK, and India.

Media Contacts:
Tori Norris, NetSPI
victoria.norris@netspi.com
(630) 258-0277

Jessica Bettencourt, Inkhouse for NetSPI
netspi@inkhouse.com
(774) 451-5142

Post title: NetSPI Moves to New Minneapolis Headquarters to Accommodate Growth (last modified 2023-08-29)

---

Post: Black Hat 2023 recap (published 2023-08-24)

As August comes to a close, we’re reliving the highlights from Black Hat 2023! Our team had a great time at this year’s event, complete with attending (and leading) workshops, launching new products, and of course, memorable evenings in the heart of Las Vegas.

https://www.youtube.com/watch?v=rJBCnT6QrwU

To all the NetSPI team members who attended Black Hat (and DEF CON 31!), and to the key players who held down our home base, thank you for making this year’s conference a success! Tapping into this year’s theme, we really are better together. We asked a few of our offensive security experts to weigh in on the key themes, their favorite conversations, and more details on what stole the show this year.