IONIX ASM Platform Adds Testing Tools to Simulate Cyberattacks
IONIX this week extended its attack surface management (ASM) platform to include an ability to use simulations to conduct tests without disrupting production environments.
This exposure validation capability eliminates the need to rely on manual processes to discover whether a vulnerability could actually be exploited in a production environment.
IONIX CEO Marc Gaffan said the easier it becomes to identify critical vulnerabilities, the more effective cybersecurity teams are going to be in an era where there are potentially hundreds of thousands of known vulnerabilities. The challenge is that while only 2% of those vulnerabilities are being actively exploited, understaffed cybersecurity teams have limited time to thwart attacks even as they become more targeted and better able to wreak havoc in minutes.
Instead of having to triage thousands of alerts about potential risks, the IONIX ASM platform enables cybersecurity teams to precisely pinpoint which threats represent the biggest risk to the business, said Gaffan.
Cybersecurity teams generally lack the resources to manually test production environments for every possible vulnerability. The exposure validation testing tools provided by IONIX enable organizations to maximize the skills and expertise of these teams, which are often understaffed, noted Gaffan.
He added that it should also give cybersecurity teams more time to discover additional blind spots than running manual tests would.
Each organization will need to decide for themselves how often to run those tests, but simulations make it possible to run them as often as desired. Rather than occasionally running penetration tests, a cybersecurity team, if they choose, can now opt to continuously test production environments, said Gaffan.
In general, attack surfaces are becoming more difficult to defend as more platforms are added. At the same time, the pace at which changes are being made to those platforms is increasing. Each of those changes creates another potential vulnerability that cybersecurity teams are expected to remediate. Given that rate of change, organizations need to continuously scan the attack surfaces that make up their digital supply chain for changes and updates, noted Gaffan.
As part of that effort, IONIX is applying machine learning algorithms to identify hundreds of different asset characteristics, such as where they’re hosted, what their domains are, which certificates are active and the domain name system (DNS) data available.
That type of capability is critical because the volume and sophistication of cyberattacks is only going to increase as cybercriminals continue to experiment with artificial intelligence (AI) tools that make it simpler for them to create malware. Much of that research is being done by nation-states that eventually share those insights with allied cybersecurity syndicates that provide, for example, ransomware-as-a-service platforms across an ecosystem of cybercriminals.
It’s not clear at what point ASM and traditional IT asset management might one day converge, but it’s apparent that anything connected to a corporate network is a potential target. The challenge is there is simply not enough cybersecurity expertise available, so a larger percentage of security operations (SecOps) tasks need to be assumed by IT operations teams. After all, the issue, as always, is that which can’t be seen can’t be managed, much less secured.
