Pentera collaborates with SpyCloud to reduce dwell time of compromised credentials

Pentera announced an integration with SpyCloud to automate the discovery and validation of compromised identities.

Pentera uses exposure intelligence data to identify exploitable identities and facilitates targeted remediation to proactively reduce risk.

Compromised credentials remain one of the most pervasive and successful attack vectors year over year. According to the 2023 Verizon Data Breach Investigations Report (DBIR) stolen credentials were the root cause of almost 50% of all attacks, and provided initial access in 86% of all Web Application based attacks.

“The scale of leaked credentials available on the darknet is growing daily, and companies are struggling to maintain password hygiene as well as users’ identity and access security,” said Ran Tamir, CPO at Pentera. “Our Credential Exposure module leverages SpyCloud’s vast repository of recaptured assets to provide organizations with real-time visibility of their risk exposure from leaked credentials and a clear roadmap to remediation.”

“The combination of Pentera’s automated penetration testing and SpyCloud’s data gives organizations a fast path to identify and prioritize exploitable threats from compromised credentials,” said Cassio Mello, SVP of Business Development at SpyCloud. “This integration delivers significant reduction in the risk posed by identity-driven cyberattacks.”

Pentera employs SpyCloud’s recaptured identity data to:

• Test networks via Internet-facing interfaces
• Validate against internal and external web applications
• Match leaked credentials against Active Directory active entries

Pentera’s Credential Exposure module automates penetration tests on both hashed and cleartext credentials across the internal and external attack surfaces. Security teams can run Pentera tests on-demand, exposing the real-world impact of compromised credentials by mapping complete attack paths that impact systems, users, and applications.

Based on the findings, security teams can define actions and automated workflows to retire such credentials in parallel with implementing additional authentication controls. This immediate and targeted action reduces the time-to-remediation and removes critical identity threat exposures.