We are excited to be featured as a leader in the GigaOm Radar for Attack Surface Management for our platform’s ability of adversary emulation and automated testing that offers much needed risk verification and prioritization capability to the security leaders. Excellence in critical capabilities like Flexibility & Frequency of Asset Discovery, Active Assessment, Converged Protections, Risk Scoring & Asset Categorization, have put FireCompass in the “Innovation Platform Quadrant”.
“Delivers Actionable Guidance”
FireCompass ASM + CART GigaOm Radar for Attack Surface Management
The Report specifically points out the risk scoring capabilities of FireCompass Platform. “For example, CVSS scores are the starting point for analysis (as they should be). The proprietary risk scoring algorithm then integrates additional context from various sources, such as the priority of the asset, the weakness of the vulnerability, and the likelihood of exploitation. The end result is a risk score that is easy to digest and actionable”.
GigaOm Report points out that, “a function that’s not found with other vendors, but solves a common challenge, is how FireCompass integrates with threat intelligence feeds. Threat intelligence is a critical component of an organization’s security program. However, most threat feeds are consumed manually, or it’s left up to vendors to figure out how to use integrations best. FireCompass, in contrast, offers the ability to integrate threat feeds into its playbooks, then the playbooks that impact your assets are selected and run automatically. This approach delivers a timely and accurate assessment of organizational risk found in the attack surface by leveraging up-to-date threat intelligence.”
FireCompass is a SaaS platform for Continuous Automated Red Teaming (CART) and Attack Surface Management (ASM). FireCompass continuously indexes and monitors the deep, dark and surface webs using nation-state grade reconnaissance techniques. The platform automatically discovers an organization’s digital attack surface and launches multi-stage safe attacks, mimicking a real attacker, to help identify breach and attack paths that are otherwise missed out by conventional tools.