Outpost24, a leading provider of cyber risk management and threat intelligence solutions, announced the integration of credential threat intelligence into its external attack surface management solution. Powered by the Outpost24 Threat Intelligence solution, this new data integration will allow Outpost24 EASM customers to identify threats earlier in the attack chain by flagging stolen credentials in use in their attack surface as soon as they are discovered.
Named by Gartner as a key vendor in the Competitive Landscape: External Attack Surface Management, 2023 report, the Outpost24 EASM solution is a leading EASM platform that scans the internet to discover unknown assets and systems of an organization to detect hidden risk and automate prioritization for security issues identified. This integration further empowers organizations to identify potential security risks with stolen credential intelligence, enhancing their proactive cybersecurity measures.
Credential theft has become a burgeoning industry within the cybercriminal ecosystem, driven by the illicit trade and direct use of compromised username-password credential pairs. As cybercriminals become increasingly sophisticated in their tactics, 49% of data breaches now involve the use of stolen credentials (Verizon, 2023 Data Breach Investigations Report) fueling the growing market for credential theft. This is further enabled through the availability of inexpensive malware kits online, as well as a surge in global stealer campaigns.
The Outpost24 threat intelligence research teams utilize advanced algorithms, drawing from open, closed, and private sources, including malware botnets, to power the credential data available on the platform.
Also Read: Trellix Announces Advanced Ransomware Detection and Response Solution
“This integration is part of our larger strategy to continue to help organizations committed to continuous threat exposure management make more intelligent risk mitigation decisions,” stated Brendan Hogan, Chief Strategy Officer at Outpost24. “This real-time information, seamlessly matched with the attack surface, enables more intelligent proactive risk mitigation against the most serious attack vectors and fraudulent activities earlier in the attack chain.”
By combining Threat Intelligence with External Attack Surface Management, organizations can detect both known and unknown internet-facing assets for vulnerabilities and potential attack paths from stolen credentials. This comprehensive approach instills confidence in security leaders, enabling them to make better-informed decisions, prioritize remediation actions, and close security gaps:
- Automatically alerts administrators when credential pairs in their attack surface are found to be a match with a stolen set.
- Identifies Personally Identifiable Information (PII) that has fallen into the hands of a bad actor from social engineering.
- Block potential intrusions at the firewall level and locate holes before an attacker can get in.
By adding Outpost24’s proprietary threat intelligence about stolen credentials to the external attack surface management solution, security teams can achieve:
- Earlier threat detection by identifying relevant stolen credentials, possibly before they have been used to carry out an attack.
- Better prioritization thanks to additional threat context gathered from deep dive investigation.
- Broader mitigation of threat exposure linked to credentials thus reducing the attack surface.
This integration is part of Outpost24’s larger commitment to empower organizations looking to implement CTEM (Continuous Threat Exposure Management) programs and showcases building upon synergies of our different product lines and internal research. Much more to come!
SOURCE: Outpost24