Pentera launched a unified security validation platform that combines External Attack Surface Management (EASM), Breach and Attack Simulation (BAS) and automated penetration testing.
Recently elevated to unicorn status, Pentera autonomously emulates the entire cyberattack kill chain, from external-facing assets all the way to the core of the enterprise, thus revealing the most risk-bearing security gaps. The platform frequently tests organizations’ entire attack surface to identify exploitable vulnerabilities and delivers an actionable strategy to solidify their security posture.
Until now, security practitioners have been building their cyber resilience strategies using assumptions about their network’s known vulnerabilities. Pentera offers security professionals an ever-growing array of attack emulation tactics and techniques, including ransomware, across their cloud, hybrid and on-premise IT infrastructure. With this approach, enterprises replace assumptions with certainty to prioritize their security gaps and take surgical remediation steps ahead of a potential adversary.
“Pentera offers security practitioners a safe-by-design, research-backed, automated platform to validate their security program and defend against advanced threats,” said Ran Tamir, Chief Product Officer, Pentera. “With our recent funding round, we reaffirmed our commitment to delivering product innovation and these are just the latest enhancements we plan to introduce to the market.”
Capabilities and functionality of the Pentera platform include:
- Autonomous operation – The platform allows any IT professional to run penetration tests with minimal setup. The Autonomous Attack Orchestrator identifies the most attractive IT assets and decides on the next-best-attack-step without manual intervention.
- Total attack surface discovery – Pentera maps enterprises’ entire internal and external attack surface, including Shadow IT and web applications. The platform’s continuous process assures security leaders that their organization’s attack surface is always accounted for and protected.
- Emulating attacker behavior – Pentera includes a broad and ever-growing array of attack techniques aligned to the MITRE ATT&CK matrix and OWASP Top 10 practices.
- Surgical remediation guidance – Pentera optimizes the resources of security professionals by focusing on high-risk exposures first, guided by remediation workflows and fix validation practices.
- Agentless architecture – Pentera requires no installation or modification to endpoints or the enterprise network.
- Safe-by-design – The platform abides by a strict safety policy to assure undisrupted operation of any IT environment or service.