Research team’s publications explaining recent adversary techniques are shared with the cybersecurity defenders community.
Boston & Tel Aviv, Israel — May 31, 2022 — Pentera, the leader in Automated Security Validation, today unveiled its research arm, Pentera Labs. The company has made its recent publications available to any cyber defender to help them identify, analyze and mitigate new adversary tactics and techniques in the wild.
Pentera Labs is led by Alex Spivakovsky, VP of Research, and consists of two dozen world-class cyber researchers who formerly served in elite Israeli defense forces intelligence units. It serves as the research powerhouse behind Pentera’s Automated Security Validation platform.
The Pentera Labs team actively monitors threat intelligence feeds to identify new critical vulnerabilities and the latest attack techniques used by adversaries. These findings are synthesized and fed into the Pentera platform to continually enhance its security testing capabilities. This enables subscribers of the Pentera platform to keep their security validation program abreast of the latest attack techniques and grow their cyber resilience.
Through its ongoing research, Pentera Labs recently discovered and disclosed two zero-day vulnerabilities in VMWare vCenter, potentially exposing more than 500,000 organizations globally.
As part of its public contribution, Pentera Labs recently submitted new attack techniques to the MITRE ATT&CK framework, becoming an official contributor to the globally-accessible knowledge base of adversary tactics and techniques.
“Every day, Pentera Labs’ research team steps into an adversary’s mindset to safely probe the security controls protecting top enterprises,” said Alex Spivakovsky. “Pentera Labs’ findings are fueling the engine that powers the Pentera platform with research-based threat intelligence, providing our customers with the latest information on real-world vulnerabilities and attack techniques. By sharing Pentera Labs’ research with the greater security community, we are proud to be helping security practitioners all around the globe efficiently detect and remediate threats and security gaps before they are exploited.”
Experts from Pentera will be on-hand to demonstrate the industry’s first unified Automated Security Validation platform for both internal and external threats at the RSA Conference (booth #4215), taking place June 6-9 in San Francisco. Register now to reserve time during RSAC to speak with a member of the Pentera team and receive a demonstration of the platform: go.pentera.io/rsa-2022.
Pentera is the category leader for Automated Security Validation, allowing every organization to easily test the integrity of all cybersecurity layers, unfolding accurate, current security exposures at any moment, at any scale. Thousands of security professionals and service providers worldwide use Pentera to guide remediation and close security gaps before they are exploited. For more info, visit pentera.io.
Every company has some level of tech debt. Unless you’re a brand new start-up, you most likely have a patchwork of solutions that have been implemented throughout the years, often under various leadership teams with different priorities and goals. As those technologies age, they can leave your organization vulnerable to cyber threats. While replacing legacy...
LOLBAS (Living Off the Land Binaries And Scripts) is an attack method that uses binaries and scripts that are already part of the system for malicious purposes. This makes it hard for security teams to distinguish between legitimate and malicious activities, since they are all performed by trusted system utilities. Since LOLBAS are one of...
The rapid pace of technological advancements constantly create new attack vectors and attack surfaces. Consequently, it is critical to constantly stay up-to-date on new changes, in addition to revisiting older technologies and previously identified attack surfaces to ensure that proper security protocols were put in place. As part of Pentera Labs’ mission, we aim to...