By Randori and Azure Security News
The company unlocking the attacker’s perspective, has unveiled a series of updates to its award-winning Attack Surface Management (ASM) and Continuous Red-Teaming (CART) platform including Target Temptation, a new engine that assesses the attackability of external assets.
Designed to help security teams zero in on the issues that matter most to their business, this patent-pending model is the first of its kind to take into account the logic of an adversary, and update it based on the results of real-world attacks.
Exposing Attackability to Bring Clarity to Cyber Risk
Designed by seasoned offensive security professionals, Target Temptation instantly analyzes and ranks exposed assets by attackability. Unlike traditional vulnerability management solutions that only consider the number and severity of vulnerabilities, Target Temptation looks at each target in context – analyzing the unique characteristics and business context of an asset to determine its attractiveness. With Target Temptation, organizations can now get real-time visibility into how adversaries see their attack surface, helping them prioritize protecting what matters most even as their attack surface changes.
Lionbridge, a global leader in localization and data training, was able to see a reduction in critical alerts compared to traditional vulnerability management, making prioritizing remediation efforts by risk an achievable objective. When combined with Randori’s advanced prioritization features, organizations gain a clear picture of their real-world risk.
“As a Chief Trust Officer, I want to be able to confidently tell our executive team exactly where we stand. Randori’s continuous monitoring and Target Temptation model has enabled me to have those conversations around our attack surface. With Randori,I can narrow down where to focus based on what’s relevant and interesting to an attacker,” Doug Graham, Lionbridge.
Going Beyond Vulnerabilities to Unlock the Attacker’s Perspective
The release of Target Temptation comes at a time when security leaders are questioning the efficacy of their existing vulnerability management solutions, with half of security leaders acknowledging that vulnerability management isn’t as effective as it once was. Last year, more than 18,000 vulnerabilities were discovered, and of those nearly two-thirds were given CVSS ratings of high or greater. With so many assets now exposed to the internet, prioritizing by vulnerability severity is no longer an effective security strategy, yet 84% rely on vulnerability management solutions to monitor their attack surface.
Target Temptation helps security teams:
- View their attack surface like an attacker
- Adopt a risk-based approach to vulnerability management
- Prioritize risks by attackability
“Complexity is the attacker’s friend and the defender’s foe. For every 1,000 exposed assets, there is often one that’s truly interesting to an attacker,” said Brian Hazzard, CEO and co-founder, Randori. “Traditional vulnerability management solutions surface thousands of issues, adding complexity to an already massive problem. CISOs don’t need more noise, they need clarity. With Target Temptation, Randori is providing defenders with the attacker’s perspective, giving the evidence needed to clearly understand their real-world risk.”
Target Temptation is available now and is part of the Randori Attack Platform, the industry’s first unified platform for attack surface management (ASM) and continuous automated red teaming (CART). To learn more about how Randori’s Target Temptation can help you prioritize issues on your attack surface, visit https://www.randori.com/platform.
See Randori in Action on April 14
On April 14, 2021, Randori will be sponsoring the first SANS Attack Surface Management Virtual Conference, designed for security leaders tasked with managing growing attack surfaces. The half-day event will bring together thought leaders, subject matter experts, and practitioners to discuss, share, and discover best practices for addressing the operational challenges associated with managing a remote workforce, cloud migrations, M&A, shadow IT, and the rise of ransomware attacks. Speakers include Dan MacDonnell, Former Deputy Chief, NSA/CSS; Window Snyder, Former CSO, Square; Joseph Menn, Reporter, Reuters; Richard Puckett, CISO, SAP; Phil Neray, Director of Azure IoT & Industrial Cybersecurity, Microsoft; and others.
Organizations interested in learning more about Target Temptation are encouraged to join us at the SANS Attack Surface Management Conference on April 14. Registration Link
Source : https://www.securityinfowatch.com/cybersecurity/information-security/breach-detection/press-release/21218207/randori-randori-unveils-target-temptation-engine-that-can-expose-where-hackers-will-attack