August 10, 2022
Boston and Tel Aviv, August 8, 2022 – Pentera, the leader in Automated Security Validation, today announced Credential Exposure, a new module on the Pentera® platform for testing stolen and compromised credentials against the complete enterprise attack surface.
Leaked and stolen credentials pose a critical risk to organizations everywhere. The 2022 Data Breach Investigations Report (DBIR) indicates that over 80% of Web Application breaches involve compromised credentials. Every year, billions of credentials appear on the dark web, paste sites, and in data dumps shared by cyber-criminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft.
The Pentera platform combines real-world leaked credential data with its active validation engine to challenge both internal and external attack surfaces. The platform leverages these hashed or clear text credentials in millions of attack vectors, and provides actionable credential exposure mitigation steps such as password reset, or hardening users’ MFA policies and limiting privileges at risk in near real-time.
“We see a dramatic increase in identity related threats, specifically in the number of leaked credentials available to attackers. These, alongside credential stuffing techniques allow attackers to gain access to valid accounts, resulting in a breach” said Ran Tamir, Chief Product Officer at Pentera, “By integrating leaked credentials threat intelligence into Pentera, we offer our customers a unique solution of actionable threat intelligence based on credentials that are already available online. This enables continuous validation of account exposure and a remediation plan before the accounts are compromised”.
The Pentera Credential Exposure (CE) module will be demoed at Pentera’s booth at Black Hat 2022 in Las Vegas, and generally be available starting Oct 2022. To schedule a demo please click here, or drop by our booth (#1774).
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info, visit: pentera.io.