COALFIRE Launches Risk Based Attack Surface Management Solution
April 2021 by Marc Jacob
?With its recent acquisition of Neuralys, a cloud-based penetration testing management platform, today Coalfire launched its Attack Surface Management (ASM) solution to enhance the company’s growing offensive security portfolio. ASM complements the company’s 20-year risk management heritage by automating asset discovery, testing, remediation, and reporting across today’s expanding attack surfaces.
The addition of Coalfire’s ASM solution expands the company’s adversary ops services portfolio, encompassing cloud and application pen testing, threat and vulnerability management program development, and physical red team exercises.
“ASM represents ‘pen testing 2.0’ and our relentless dedication to risk management,” said Martin Sajon, executive advisor for threat and vulnerability management. “This new platform meets the challenge of today’s hyperscale, multi-cloud computing environments with continuous attack surface testing, streamlined managed services, and real-time executive dashboard visibility.”
ASM delivers ongoing adversarial validation of clients’ offensive controls, turning what was once a manual process into a dynamic, digital experience. Coalfire’s proprietary methodology powered by the ASM platform, provides value across the end-to-end process, spanning:
Discovery - Continuous identification of cloud and internet-facing assets
Management - Manage discovered assets for visibility, classification, and ownership
Validation - Automate and verify attack surface security postures
Prioritization - Aggregate and prioritize vulnerabilities and assets
Tracking - Monitor and report on changes, remediation, and ownership
With the Neuralys platform acquisition, Coalfire’s elite team and advanced, open-source security tools enable a comprehensive suite of offensive security services. These range from ongoing pen testing with the largest cloud service providers, to embedded testing and IoT assessments, to red team exercises designed to assess the overall security posture and an organization’s ability to respond to cyberattacks.