BOSTON – Feb. 20, 2024 /PRNewswire/ – Pentera, the leader in Automated Security Validation, today announced an integration with SpyCloud, the leader in Cybercrime Analytics, to automate the discovery and validation of compromised identities. Pentera uses exposure intelligence data to identify exploitable identities and facilitates targeted remediation to proactively reduce risk.
Compromised credentials remain one of the most pervasive and successful attack vectors year over year. According to the 2023 Verizon Data Breach Investigations Report (DBIR) stolen credentials were the root cause of almost 50% of all attacks, and provided initial access in 86% of all Web Application based attacks.
“The scale of leaked credentials available on the darknet is growing daily, and companies are struggling to maintain password hygiene as well as users’ identity and access security. Our Credential Exposure module leverages SpyCloud’s vast repository of recaptured assets to provide organizations with real-time visibility of their risk exposure from leaked credentials and a clear roadmap to remediation.”
“The combination of Pentera’s automated penetration testing and SpyCloud’s data gives organizations a fast path to identify and prioritize exploitable threats from compromised credentials. This integration delivers significant reduction in the risk posed by identity-driven cyberattacks.“
Pentera employs SpyCloud’s recaptured identity data to:
- Test networks via Internet-facing interfaces
- Validate against internal and external web applications
- Match leaked credentials against Active Directory active entries
Pentera’s Credential Exposure module automates penetration tests on both hashed and cleartext credentials across the internal and external attack surfaces. Security teams can run Pentera tests on-demand, exposing the real-world impact of compromised credentials by mapping complete attack paths that impact systems, users, and applications. Based on the findings, security teams can define actions and automated workflows to retire such credentials in parallel with implementing additional authentication controls. This immediate and targeted action reduces the time-to-remediation and removes critical identity threat exposures.
About Pentera
Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. Pentera is backed by leading investors such as K1 Investment Management, Insight Partners, Blackstone, Evolution Equity Partners, and AWZ. For more info, visit: pentera.io
About SpyCloud
SpyCloud transforms recaptured darknet data to protect businesses from cyberattacks. Its products operationalize Cybercrime Analytics (C2A) to produce actionable insights that allow enterprises to proactively prevent ransomware and account takeover, safeguard employee and consumer identities, and investigate cybercrime incidents. Its unique data from breaches, malware-infected devices, successful phishes, and other underground sources also powers many popular dark web monitoring and identity theft protection offerings. SpyCloud customers include more than half of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies around the world. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to make the internet safer with automated solutions that help organizations combat cybercrime.
To learn more and see insights on your company’s exposed data, visit spycloud.com.