Unveiling of Bugcrowd's Persistent Penetration Testing Solution for Vulnerability Scanning in Real-Time
In a bid to help organisations stay ahead of cyber threats, Bugcrowd, a leading crowdsourced cybersecurity platform, has announced the release of a new solution called Continuous Attack Surface Penetration Testing (CASPT) on their platform.
The new solution, CASPT, is designed to provide a proactive security approach, helping customers meet compliance goals and reduce their external risk asset exposure continuously. With CASPT, users can run a baseline test and share incremental changes about new and updated assets or threats with a curated team for testing as soon as changes are detected.
The introduction of CASPT is a significant milestone for Bugcrowd, as it marks the integration of external attack surface management (EASM) data from Informer, a company now integrated into Bugcrowd's platform. This integration aims to bring rich EASM data into the Bugcrowd platform, providing proactive, data-driven insights and recommendations for customers.
Organisations today need to understand ongoing risk across all digital assets in motion before attackers can exploit them. The integration of EASM data into the Bugcrowd platform is intended to help customers meet compliance goals and reduce their external risk asset exposure more effectively.
Adversaries often have more knowledge about their attack surface than its defenders. Attack surfaces are constantly expanding and shifting due to factors like shadow IT, cloud adoption, multinational organisations, and M&A, making the manual tracking of digital assets challenging. The integration of EASM data aims to provide a more comprehensive view of an organisation's attack surface.
Bugcrowd's long-term vision for the platform is to give customers better eyes on their attack surface than their adversaries. This vision is further enhanced by the combination of EASM data and Bugcrowd's vulnerability information, intended to create new and unique value for customers and hackers on the platform.
It is estimated that nearly 70% of organisations have been compromised through an unknown or poorly managed asset. With CASPT, organisations can gain a better understanding of their attack surface and take proactive measures to reduce their risk.
For Bugcrowd customers with managed bug bounty engagements, the integration allows for the updating of scope for new and updated assets and the kicking off of a new pentest or bug bounty engagement from their EASM dashboards.
The company's goal is to help hackers on its platform acquire more skills and earn more rewards by matching them with engagements that reflect their interests and experience. By providing a continuous penetration testing solution, Bugcrowd aims to provide a high level of assurance that both compliance and risk reduction goals are being met continuously.
However, fewer than 10% of organisations have full visibility into their evolving attack surface. With CASPT, Bugcrowd aims to help close this gap and provide organisations with the tools they need to stay ahead of cyber threats.
Read also:
- Catastrophe at a U.S. Steel facility in Pennsylvania results in the loss of two lives. crucial details unveiled
- Manipulating Sympathy: Exploiting Victimhood for Personal Gain
- Auto Industry Updates: Geotab, C2A, Deloitte, NOVOSENSE, Soracom, and Panasonic in Focus
- Exploring Money-Making Opportunities in Digital Gaming Worlds
