We know how frustrating it can be to discover new assets that don’t follow your internal security policies, such as using a geolocation that isn’t allowed or even a sudden spike in hosting from an approved country. These exposures can put your organization at risk, especially since they often go undetected and are challenging to split with automation. That’s why we’re excited to see so many of our customers use our new IP page.

Customers often tell us of instances where someone in their team spins up a new machine that isn’t using an approved geolocation, or that they see an unexpected spike in hosting from a particular country. These anomalies can put an organization at risk, especially since they are difficult to spot in an automated way.

“How does Detectify’s External Attack Surface Management platform compare to Penetration testing” or “What I’m really looking for is Penetration testing” are two statements we often hear when talking to prospects. We know that many of you are keen to understand how EASM compares with Penetration testing (Pen testing), so we’re exploring these two methodologies side-by-side.

Implementing an AWS multi-account strategy is a popular approach that helps organizations to manage their cloud resources efficiently. In my previous post, I discussed our reasons for implementing an AWS multi-account strategy, our journey, and some of the benefits we gained as an organization. However, implementing this strategy can come with its fair share of challenges.

The attack surface is where you can understand what you have exposed and whether you should take action on it. Previously, users couldn’t see which assets were vulnerable from the Attack Surface view – it was only possible to view vulnerable assets from the Vulnerabilities page, which required more time. Viewing vulnerabilities on the Attack Surface page will help you better prioritize which assets you need to take action on.

Resolving vulnerabilities quickly depends on several factors, not least how effectively security and product development teams collaborate. Modern security teams rely on several tools to discover, analyze, and triage vulnerability findings on to product development teams for remediation. This process sounds straightforward, but it rarely is. Detectify users manage the security of large scale products and services owned by dozens – if not hundreds – of product development teams.

AppSec teams often struggle to either validate or scale their security policies, like enforcing security headers or removing risky technologies. This job is easier said than done, and teams are feeling the pinch. To address these challenges, we launched Attack Surface Custom Policies – a powerful feature built directly into Surface Monitoring that makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most.

We’re excited to announce that Detectify has been included in the 2023 Gartner Competitive Landscape for External Attack Surface Management report. This report is an important resource for External Attack Surface Management (EASM) vendors and potential customers alike, as it provides the most up-to-date insights on the EASM landscape and how various vendors are approaching attack surface management.

AppSec teams often struggle to either validate or scale their security policies, like enforcing security headers or removing risky technologies. This job is easier said than done, and teams are feeling the pinch. To address these challenges, we launched Attack Surface Custom Policies – a powerful feature built directly into Surface Monitoring that makes it possible to set, enforce, and scale customizable security policies so you can focus on the issues that matter most.

Greetings, digital guardians. Today, we’ll be diving into the wonderful world of External Attack Surface Management (EASM) platforms. As the sun rises on another day in your cyber kingdom, you may find yourself wondering whether your EASM platform is really up to the task of protecting it. In this article, we’ll be your guiding light in the dark alleys of EASM uncertainty.