Threat Detection

OccamSec Launches New Platform to Manage Cyber Threat Exposures

OccamSec’s Incenter expands threat exposure and vulnerability identification to include mobile, API, and cloud environments in addition to existing external infrastructure and web application capabilities to deliver the most comprehensive consolidated security platform for Continuous Threat Exposure Management to date

OccamSec today launched its market-defining Continuous Threat Exposure Management (CTEM) platform with the major expansion of  Incenter. With new threat exposure categories—API, Mobile, and Cloud—and self-service and self-scoping capabilities, Incenter delivers a comprehensive and easy-to-deploy solution for organizations and MSSPs needing to identify and manage known and unknown threat exposures in real-time, develop security insights based on their unique business context, and consolidate tools and technologies.

Today’s dynamic attack surface makes it difficult for security teams to gain the visibility required to keep pace with the proliferation of new vulnerabilities and threats. Compounding this problem, API usage is soaring as it sprawls throughout organizations connecting systems and providing direct access to sensitive data and functionalities, becoming the number one attack vector for cyber attacks. Most organizations don’t know what their attack surface truly is, meaning they are often missing or overlooking threats to assets that could have a critical impact on the business. This makes maintaining a current security posture over time unobtainable for most.

The average time to detect and contain a breach is 287 days, making it clear that traditional penetration testing, red teaming, crowdsourcing, and attack surface monitoring solutions are missing vulnerabilities that could allow attackers to enter and sit in the network for weeks to months and that leave critical blind spots across the internal and external attack surface of organizations.

“Everything is vulnerable. The security landscape is littered with point solutions that drive up costs and add complexity for organizations trying to wrap their heads around the weak spots in their system defenses that attackers can take advantage of and that matter most to their business,” said Mark Stamford, Founder & CEO, OccamSec. “Incenter is one of the only solutions that looks at all the pieces of the security puzzle and puts them back together in the context of the business. By taking a continuous and consolidated approach to threat exposure management, we reduce a complicated problem into the simplest solution that proactively manages security posture and actually protects what’s important to each distinct organization.”

“Incenter provides us with on-demand and high quality security testing capabilities which help our clients gain an accurate view of their current security posture,” said Tim Mather, CISO at Fortium Partners. “The ability to now jointly collaborate with clients within Incenter to self-define the scope of each test helps us move faster and make better informed decisions. Also, having expanded coverage to test external infrastructure, web applications, mobile applications, API’s and cloud environments ensures we can view security risk across multiple environments (on-premise, hosted, cloud) in one platform with regularly scheduled reporting.”

Organizations today need security solutions and programs that integrate people, tools, and technologies and provide the means to continuously test, evaluate, and report on where an organization is vulnerable and the potential impact within the context of the business. According to Gartner, by 2026, organizations prioritizing their security investments via a continuous threat exposure management program will suffer two-thirds fewer breaches. 

Developed to provide organizations with the proactive CTEM capabilities they need to continually reduce risk from a constantly evolving threat landscape, Incenter’s new updates include:

  • Self-service and self-scoping functionality: The new self-service functionality gives organizations control of their testing and remediation schedules, providing flexibility to run tests as needed on-demand and align with their organization’s specific requirements. Self-scoping helps remove the often weeks-long asset mapping process and begin pen-testing their attack surface immediately. By enabling users to scope and schedule assessments and manage their security posture proactively, Incenter ensures organizations can adapt quickly to evolving threats and stay ahead of potential vulnerabilities.
  • Expanded threat exposure coverage: Threat exposure types now include Mobile, API, and Cloud environments, in addition to existing external infrastructure and web application testing. This ensures unified visibility and comprehensive protection for organizations as they navigate beyond traditional vulnerability management solutions and move towards proactively identifying and prioritizing security issues based on business context.
  • New and enhanced automated testing capabilities: Automated scanning performs continuous assessments to allow for a more in-depth evaluation of assets in a broad range of systems, applications and networks, significantly reducing the time and effort required for security assessments. In parallel, skilled security analysts conduct targeted manual reconnaissance and testing on priority targets, such as critical systems and applications. This synergy of techniques uncovers vulnerabilities that automated tools might miss—such as those involving complex business logic or specific configurations—and results in a robust and thorough security evaluation, addressing both common and obscure vulnerabilities and strengthening the organization’s defenses against potential cyber threats.
  • Single Sign-On (SSO) integration: Streamlines user access and enhances overall security by simplifying the authentication process and making it easier for clients to manage user access and maintain a secure environment.

Built from the ground up by leading offensive security experts, Incenter is a one-of-a-kind CTEM platform offering a dual assessment approach that combines human experts with advanced vulnerability discovery and validation automation technology to provide continuous testing all the time. Incenter has already been adopted by visionary security leaders in a broad range of industries – from media, education and healthcare to industrial, energy, technology, and finance.

Incenter is fully API driven for integration and automation and supports an ever increasing number of integrations, providing the capability to ingest data and export data to a variety of third party systems. Supported by world-class vulnerability research and threat intelligence teams, Incenter centralizes management and removes the need for customers to purchase multiple security products and services to help reduce costs and increase security program efficiencies. 

Licensing
Incenter offers flexible and scalable subscription licensing and is available now for end users, managed service providers, consultants and vCISO organizations.

Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!

Related posts

AppOmni Launches Free Salesforce Scanner

Business Wire

ExtraHop announced support for Amazon Security Lake from AWS

Business Wire

Dynamic Threat Detection Provider Datto to Present at Conference

Business Wire