Ecosystem Security Blog

how-your-employees-are-expanding-the-attack-surface
Attack Surface Management
How Your Employees Are Expanding the Attack Surface

How Your Employees Are Expanding the Attack Surface

November 30, 2022

The security of the enterprise has been dramatically disrupted due to hybrid and work-from-home (WFH) environments. Security teams are struggling to grasp the scope of their...

ftx-risk-management-and-attack-surfaces-visibility-is-the-key
FTX, risk management, and attack surfaces – Visibility is the Key
Tamir Hardof

FTX, risk management, and attack surfaces – Visibility is the Key

November 16, 2022

The FTX crypto disaster is a great lesson in risk management. It brings into focus the importance of knowing where your valuables are and how they are being managed.  The Rise and...

racing-to-fix-the-openssl-critical-vulnerability-what-you-need-to-know
Racing to Fix the OpenSSL Critical Vulnerability – What you need to know
Tally Netzer

Racing to Fix the OpenSSL Critical Vulnerability – What you need to know

October 31, 2022

This is a developing story. Updates will be amended as new information and guidance become available. The implications of a severe vulnerability   The OpenSSL Project team...

why-continuous-attack-surface-management-is-no-longer-optional
Why Continuous Attack Surface Management is No Longer Optional 
Tally Netzer

Why Continuous Attack Surface Management is No Longer Optional 

October 24, 2022

Who Needs Attack Surface Visibility?  From Executive Orders to cyber insurance and evolving regulations, security teams are entering the age of evidence. Want to do business with a...

its-time-to-change-the-playbook-prepare-for-uncorrelated-surprises
It’s time to change the playbook: Prepare for uncorrelated surprises
Tamir Hardof

It’s time to change the playbook: Prepare for uncorrelated surprises

October 11, 2022

Investors came into 2022 feeling good, with a three-year average annual return for the S&P 500 of 24%. In March, things changed. The Federal Reserve raised interest rates, signaling...

why-attack-surface-assessment-tools-are-vital-according-to-gartner
Why Attack Surface Assessment Tools Are Vital According to Gartner
Ben Kapon

Why Attack Surface Assessment Tools Are Vital According to Gartner

April 26, 2022

Attack Surface Assessment tools enable information security teams to look at their organizations “outside-in” from the attacker’s point of view, prioritizing the issues that attackers...

digital-attack-surface-the-top-7-vulnerabilities-you-need-to-know
Digital Attack Surface – The Top 7 Vulnerabilities You Need to Know
Ben Kapon

Digital Attack Surface – The Top 7 Vulnerabilities You Need to Know

April 12, 2022

The Modern Attack Surface is Digital and External In the past, the attack surface was defined and protected by the boundaries of the organization’s physical network (aka the LAN)....

cyberpion-closes-series-a-funding-at-the-inflection-point-for-attack-surface-management
Cyberpion Closes Series A Funding at the Inflection Point for Attack Surface Management
Nethanel Gelernter

Cyberpion Closes Series A Funding at the Inflection Point for Attack Surface Management

March 31, 2022

  In business and life, getting the timing and the team right is half the battle. Getting Started Cyberpion came out of stealth mode 18 months ago. During those 18 months, the...

dont-forget-the-digital-supply-chain-during-mabecause-it-wont-forget-you
Don’t Forget The Digital Supply Chain During M&A…Because It Won’t Forget You
Ran Nahmias

Don’t Forget The Digital Supply Chain During M&A…Because It Won’t Forget You

January 17, 2022

(Originally Posted on Forbes.com) Anyone who’s ever been in a relationship knows that the beginnings and ends are the toughest parts. This is when the baggage is dusted off,...

apache-log4j-vulnerability-cve-2021-44228-how-to-discover-and-minimize-your-exposure
Apache Log4j Vulnerability CVE-2021-44228 – How to discover and minimize your exposure
Ben Kapon

Apache Log4j Vulnerability CVE-2021-44228 – How to discover and minimize your exposure

December 13, 2021

On Thursday, December 9, a zero-day vulnerability CVE-2021-44228 (a.k.a. Log4Shell, LogJam, and Log4j) was made public. This vulnerability impacts Apache Log4j versions 2.0-beta9 to...

10-ways-to-avoid-online-shopping-scams-on-cyber-monday-and-beyond
10 Ways to Avoid Online Shopping Scams on Cyber Monday and Beyond
Ben Kapon

10 Ways to Avoid Online Shopping Scams on Cyber Monday and Beyond

November 29, 2021

Cyber Monday and the holiday shopping season are around the corner: don’t be the victim of an online shopping scam or cyber security breach. Cyber Monday is here, and the holiday...

remediation-vs-mitigation-third-party-vulnerability-management
Remediation vs. Mitigation — Third-Party Vulnerability Management
Ben Kapon

Remediation vs. Mitigation — Third-Party Vulnerability Management

October 3, 2021

Neglecting to address third-party vulnerabilities can cause widespread problems for your organization, the third party, and possibly every one of the third party’s customers, which is why...

securing-fast-and-slow-from-reactive-incidence-response-to-proactive-attack-surface-reduction
Securing Fast and Slow–From Reactive Incidence Response to Proactive Attack Surface Reduction
Jonathan Lebowitsch

Securing Fast and Slow–From Reactive Incidence Response to Proactive Attack Surface Reduction

September 13, 2021

As more enterprise clients adopt Cyberpion as their External Attack Surface Management solution, we are seeing a distinct, bimodal pattern with regard to the workflows and processes used to...

a-primer-on-external-attack-surface-management
A Primer On External Attack Surface Management
Ben Kapon

A Primer On External Attack Surface Management

August 8, 2021

Customer trust is one of the greatest assets an enterprise can have. However, a rising trend in cyberattacks combined with lax oversight of a critical attack vector may put your...

three-types-of-supply-chain-attacks-explained
Three Types of Supply Chain Attacks Explained
Ben Kapon

Three Types of Supply Chain Attacks Explained

July 26, 2021

Physical vs Software vs Digital Supply Chain Vulnerabilities The concept of a supply chain has been around since the 1920s. Fast-forward to today, the term "supply chain" has been co-opted...

cyberpion-available-on-microsoft-azure-marketplace
Cyberpion Available On Microsoft Azure Marketplace
Ben Kapon

Cyberpion Available On Microsoft Azure Marketplace

July 7, 2021

We are happy to announce that Cyberpion’s Security platform has achieved IP Co-Sell Ready Status and is now available via the Microsoft Azure Marketplace. Access Cyberpion via the Azure...

recent-ea-hack-highlights-enterprise-security-learning-curve-with-regards-to-trusted-third-party-infrastructures
Recent EA Hack Highlights Enterprise Security Learning Curve With Regards To “Trusted” Third-Party Infrastructures
Nethanel Gelernter

Recent EA Hack Highlights Enterprise Security Learning Curve With Regards To “Trusted” Third-Party Infrastructures

June 15, 2021

A few months ago, Cyberpion approached EA with an ethical disclosure of several security vulnerabilities. EA was informed of the following during that disclosure: that via a trusted...

introducing-cyberpions-security-partner-program
Introducing Cyberpion’s Security Partner Program
Ran Nahmias

Introducing Cyberpion’s Security Partner Program

May 11, 2021

What Is An External Attack Surface? While there has been no shortage of headlines regarding cybersecurity events for the past many years, the recent SolarWinds incident highlights the...

a-tale-of-ethical-disclosures
A Tale of Ethical Disclosures
Ran Nahmias

A Tale of Ethical Disclosures

April 12, 2021

In many recent conversations with family, friends, colleagues and even people in the socially distanced line at the grocery store, I keep talking about external attack surfaces as an...

2021-cybersecurity-predictions-government
2021 Cybersecurity Predictions: Government
Nethanel Gelernter

2021 Cybersecurity Predictions: Government

February 8, 2021

Third-Party Attacks Will Increasingly Push Government Agencies To Rigorously Evaluate Online Vendors The recent SolarWinds supply chain attack that targeted several U.S. government...

assessing-your-exposure-to-the-solarwinds-sunburst-cyberattack
Assessing Your Exposure To The SolarWinds SUNBURST Cyberattack
Jonathan Lebowitsch

Assessing Your Exposure To The SolarWinds SUNBURST Cyberattack

January 14, 2021

It took stealing the crown jewels of one of the leading cyber security companies – the offensive hacking tools of FireEye – for anyone to detect what’s shaping up to be...

u-s-retailers-how-a-grinch-will-steal-your-holiday-this-year
U.S. Retailers: How a Grinch Will Steal Your Holiday This Year
Ran Nahmias

U.S. Retailers: How a Grinch Will Steal Your Holiday This Year

December 10, 2020

On top of a challenging economic year, retailers, e-tailers, and their customers face a growing threat this holiday season: the rise in cyberattacks. While businesses have lived with this...

threats-and-vulnerabilities-hiding-in-the-cloud
Threats and Vulnerabilities Hiding in the Cloud
Jonathan Lebowitsch

Threats and Vulnerabilities Hiding in the Cloud

November 30, 2020

Cloudification has been taking over IT in the past decade and has been a huge factor in the explosion of the size of companies’ online ecosystems and the types of risks that exist...

the-cybersecurity-industry-is-waking-up-to-the-external-attack-surface
The Cybersecurity Industry is Waking Up to the External Attack Surface
Ran Nahmias

The Cybersecurity Industry is Waking Up to the External Attack Surface

November 17, 2020

Several months ago, I was introduced to Cyberpion and the concept of the external attack surface that exists in an organization’s external attack surface. I have worked in cybersecurity...

election-ecosystems-how-the-two-u-s-political-parties-stack-up
Election Ecosystems, How The Two U.S. Political Parties Stack Up
Ran Nahmias

Election Ecosystems, How The Two U.S. Political Parties Stack Up

November 2, 2020

We are about one week away from the U.S. election and a lot is at stake for both parties. While the political pundits are focused on polling numbers and predictions, at Cyberpion we are...

what-is-an-online-ecosystem
What Is An Online Ecosystem?
Jonathan Lebowitsch

What Is An Online Ecosystem?

October 15, 2020

The Days of Monolithic Webservers are Long Gone Practically any public webpage now loads multiple pieces of content, from multiple sources. In fact it’s now not uncommon to find...

founding-cyberpion
Founding Cyberpion
Nethanel Gelernter

Founding Cyberpion

October 1, 2020

Why Cyberpion? Why Now? My team and I founded Cyberpion with one goal in mind: to answer the critical and growing need for organizations to secure their online ecosystems. The primary...

Let Us
Show You.

Discover Your Exposure So You Can Protect It

Request a free hyper external attack surface scan today.