VentureBeat: Pentesting Firm NetSPI Expands Into Attack Surface Management
On February 22, 2022, Travis Hoyt was featured in a VentureBeat article titled, Pentesting Firm NetSPI Expands Into Attack Surface Management. Preview the article below, or read the full article online here.
+ + +
Exposure of internet-facing enterprise assets and systems can bring major risks for security. And yet in many cases, enterprises aren’t even aware of all the internet-facing assets they have — which of course makes it impossible to go about securing those assets and systems.
As digital transformation continues turning all enterprises into internet companies, to one degree or another, this problem of exposed assets and systems is growing fast. And that has led to the emergence of a new category of security technology: External attack surface management, or EASM.
The technology — sometimes referred to simply as attack surface management, or ASM — focuses on identifying all of an enterprise’s internet-facing assets, assessing for vulnerabilities and then remediating or mitigating any vulnerabilities that are uncovered.
A separate discipline within security is penetration testing, or pentesting, in which a professional with hacking expertise performs a simulated attack and tries to breach a system, as a way to uncover vulnerabilities that need to be addressed.
Today, enterprise pentesting firm NetSPI announced that it’s bringing the two worlds together, with the debut of its new attack surface management offering. The solution integrates the company’s pentesting experts into the attack surface management process, as a way to improve the triage and remediation of risky exposures, said Travis Hoyt, CTO at NetSPI.
“EASM does not typically include manual pentesting — at least not in the way NetSPI incorporates it into our new offering,” Hoyt in an email to VentureBeat.
However, “both are necessary to truly accomplish a holistic, proactive security program,” he said. “In today’s threat environment, conducting a pentest once a year is no longer effective given the rate at which the attack surface is changing. EASM ensures that corporate networks have constant coverage and attack surface visibility.”
Continue reading Pentesting Firm NetSPI Expands Into Attack Surface Management on VentureBeat (reporting by: Kyle Alspach).
Explore more News
Forbes: What Would Anubis Think Of Modern Day CEOs?
Forbes featured insights from NetSPI’s CEO, Aaron Shilts, on the CEO role. Read the article.
PC Gamer: This 3D printed laser chip-hacking device uses a $20 laser pointer, costs $500 to build, and was developed so that ‘people can do this in their homes’
Read the story of NetSPI's Sam Beaumont and Larry "Patch" Trowell created a laser hacking device (RayV Lite) that makes microchip exploitation easier.
WIRED: A $500 Open-Source Tool Lets Anyone Hack Computer Chips With Lasers
In an exclusive with WIRED, NetSPI’s Director of Transportation, Mobility, and Cyber Physical Systems, Sam Beaumont, and Director of Hardware and Embedded Systems, Larry “Patch” Trowell, explain a new laser hacking device they’ve created, RayV Lite. This device will be presented at Black Hat USA. Read the preview below or view it online. +++ IN […]