It’s no secret that digital supply chains are increasingly under attack as hackers try to use this vector to gain access to corporate networks and sensitive information. But it also means that companies need to find ways to protect their assets, even if they are outside the attack surface they have traditionally focused on. This is where third-party attack surface management services like CyberPeon come in.
Cyberpean today announced a $27 million Series A round. The round was led by US venture partners, including existing investors Team8 Capital and HyperWise Ventures, who together led the company’s $8.25 million seed round, who also participated.
The idea behind managing external attack surfaces is to look at all of a company’s external assets and infrastructure from the outside and proactively scan for risks and vulnerabilities. Since raising the bar in early 2020, attacks such as the SolarWinds hack have raised awareness of how vulnerable a software supply chain can be. At the same time, a large percentage of corporate IT infrastructure currently sits outside a traditional company firewall, but a recent Gartner report says that only 10 percent of organizations have deployed attack surface assessment solutions to date. This leaves a lot of room for growth as sooner or later these companies will have to make these decisions.
Jacques Benkowski, general partner at US Venture, said: “Traditional third-party risk management solutions are completely focused on vendors directly connected to the enterprise and IT infrastructure, and this approach is outdated and does not take into account the true scale of the problem.” partner. “Most organizations don’t even think of their suppliers as direct cyber risk. cyber pawn It is the only platform that directly addresses this issue by proactively evaluating all external assets – third party connections, third parties to third parties – and providing automated protection against incoming attacks.”
Given the rise in awareness, it’s no surprise that CyberPean has seen rapid growth in its business in recent years, with sales more than tripling since its initial increase in October 2020. Cyberpean and CBO co-founder Ran Nahmias also noted. This company quadrupled its customer base during this period, adding one client to the Fortune 10 list and dozens of clients to the Fortune 500 list.
In terms of product, the company has always focused on analyzing and mapping connections to map out the company’s external attack surface, but now it has gone beyond that. “Our method is based on the analysis and matching of N-degree downlinks,” explains Nahmias. “But – since we’re crawling the entire internet several times a day – over the past year, we’ve learned that it’s also useful to flag things and look for things that are offline but are still a lost business asset.”
Nahmias also notes that there are several use cases associated with a local domain registered by a Gobble employee (remember something like gaming-updates.com.co). They are not necessarily created with malicious intent, but are not connected to or protected by corporate networks.
According to Nahmias, this ability to go the extra mile to find potential problems is part of what makes CyberPean unique (and it offers this capability to its customers as a paid add-on).