Market Leader’s New Platform Autonomously Validates any IT Attack Surface and Provides Enterprises with the Fastest Path to Cybersecurity Readiness
Boston & Tel Aviv, Israel, January 24, 2021 — Pentera, the leader in automated security validation, unveiled its next-generation security validation platform today. The Company ends the era of disparate security testing systems by launching a unified security validation platform that combines External Attack Surface Management (EASM), Breach and Attack Simulation (BAS) and automated penetration testing.
Recently elevated to unicorn status, Pentera autonomously emulates the entire cyberattack kill chain, from external-facing assets all the way to the core of the enterprise, thus revealing the most risk-bearing security gaps. The platform frequently tests organizations’ entire attack surface to identify exploitable vulnerabilities and delivers an actionable strategy to solidify their security posture.
Until now, security practitioners have been building their cyber resilience strategies using assumptions about their network’s known vulnerabilities. Pentera offers security professionals an ever-growing array of attack emulation tactics and techniques, including ransomware, across their cloud, hybrid and on-premise IT infrastructure. With this approach, enterprises replace assumptions with certainty to prioritize their security gaps and take surgical remediation steps ahead of a potential adversary.
“Pentera offers security practitioners a safe-by-design, research-backed, automated platform to validate their security program and defend against advanced threats,” said Ran Tamir, Chief Product Officer, Pentera. “With our recent funding round, we reaffirmed our commitment to delivering product innovation and these are just the latest enhancements we plan to introduce to the market.”
Capabilities and functionality of the Pentera platform include:
- Autonomous and Continuous Operation – The platform allows any IT professional to run penetration tests with minimal setup. The Autonomous Attack Orchestrator identifies the most attractive IT assets and decides on the next-best-attack-step without manual intervention.
- Total Attack Surface Discovery – Pentera maps enterprises’ entire internal and external attack surface, including Shadow IT and Web Applications. The platform’s continuous process assures security leaders that their organization’s attack surface is always accounted for and protected.
- Emulating Attacker Behavior – Pentera includes a broad and ever-growing array of attack techniques aligned to the MITRE ATT&CK matrix and OWASP Top 10 practices to help security practitioners validate the effectiveness of their security stack against real-life threats.
- Surgical remediation guidance – Pentera optimizes the resources of security professionals by focusing on high-risk exposures first, guided by remediation workflows and fix validation practices.
- Agentless architecture – Pentera requires no installation or modification to endpoints or the enterprise network.
- Safe-by-design – The platform abides by a strict safety policy to assure undisrupted operation of any IT environment or service.
To learn more about Pentera’s automated security validation platform, join our webinar on January 26 at 10 am EDT here.
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. For more info, visit: pentera.io.
Why Gartner is Calling External Attack Surface Management (EASM) a Critical Functionality
External Attack Surface Management (EASM) tools are not new, but only this year has Gartner named this category as a top trend to keep an eye on in 2022. So, why does the top research & consulting firm think its time has come? The main reason is the relentless expansion of the digital footprint of...
The Good, Bad and Compromisable Aspects of Linux eBPF
2022 discoveries of new privilege escalation techniques Reading this blog will allow you to understand the eBPF mechanism and how a fairly small bug can lead to the compromise of the entire system. Executive summary Modern hacking techniques often use legitimate operating system tools for bad purposes. Such is the potential case with the common...
CVE-2022-22948: Sensitive Information Disclosure in VMware vCenter
New zero-day vulnerability joins a chain of recently discovered vulnerabilities capable of operating an end-to-end attack on ESXi. Organizations should evaluate risk and apply vCenter client patches immediately. Executive Summary Pentera Labs’ Senior Security Researcher, Yuval Lazar, discovered an Information Disclosure vulnerability impacting more than 500,000 appliances running default vCenter Server deployments. This finding is...