Strong ARM tactics?

HackerOne's new approach includes an Attack Surface Management product to help discover and protect assets.

HackerOne has launched Attack Resistance Management (ARM) - a new category of security solution that targets the root causes of the attack resistance gap. This gap is caused by incomplete knowledge of digital assets, insufficient testing, and a shortage of the right skills. Attack Resistance Management (ARM) combines attack surface knowledge with the power of ethical hackers to give organizations a true security advantage. To complete ARM, HackerOne announced its HackerOne Assets product, available later this year, which provides discovery and monitoring of all known and unknown assets.



“Attack Resistance Management is crucial to driving down cyber risk,” said Marten Mickos, CEO of HackerOne. “Our customers’ security teams have long benefitted from the insights and expertise of the ethical hacking community. With Attack Resistance Management, those creative insights provide actionable intelligence to developers, operations, and security teams to build secure products and avert cyberattacks in a cost effective manner.”



ARM combines:



Security Talent Management - HackerOne brings its existing expertise in the recruitment, vetting, and training of ethical hackers to the approach. The platform ranks hackers and connects organizations to those with the most effective skills for their specific requirements.


Reconnaissance and Risk Ranking - HackerOne introduced its Assets product that helps rank the exploitability of vulnerabilities and tackle the riskiest assets first with continuous mapping and prioritization. Assets help customers:

Get global visibility across their attack surface by clearly documenting discovered assets and their associated threats.

Validate and rank asset vulnerabilities using insight from hackers with real-world expertise.

Capitalize on real-time, dynamic responses to their shifting threat environment with continuous discovery and analysis.

HackerOne Assets is expected to be available for purchase in the HackerOne platform this summer.



Testing and Triage - In addition to HackerOne’s established testing solutions, from simple spot checks for new features to pentests for compliance, and in-depth security assessments for new applications, its recent acquisition of code review-as-a-service platform, PullRequest, means customers can benefit from expert review at every stage of the development lifecycle.


Skills and Intelligence Creation - The HackerOne platform delivers insights vulnerability data to customers so they can identify, verify and remediate the next likeliest source of security risk in their environment. For customers lacking the in-house expertise, the new Security Advisory Service provides experienced security professionals to better leverage vulnerability data. To complete the intelligence offering, HackerOne delivers red team enrichment, developer education, vulnerability intelligence, scanner rules, and threat modeling with its expanding partner network.


"Attack Resistance Management is a fantastic addition to the HackerOne product offering and something we're exploring to continue to mature our engagement with the ethical hacking community,” said Stu Hirst, CISO of Trustpilot. “Ethical hackers have repeatedly proved their value to Trustpilot, finding critical bugs that automated scanning solutions cannot catch. Arming our team with HackerOne’s human insight and combining it with our attack surface management efforts adds another layer of confidence that our attack surface is not just mapped, but covered.”

A new report from the Capgemini Research Institute finds that 51% of industrial organizations believe that the number of cyberattacks on smart factories is likely to increase over the next 12 months. Yet nearly half (47%) of manufacturers say cybersecurity in their smart factories is not a C-level concern. According to the Capgemini report, ‘Smart & Secure: Why smart factories need to prioritize cybersecurity’, few manufacturers have mature practices across the critical pillars of cybersecurity. The connected nature of smart factories is exponentially increasing the risks of attacks in the Intelligent Industry era.
New research reveals majority of large businesses can’t replace unsupported hardware, leaving potential vulnerabilities exposed.
With an unprecedented number of employees now working in hybrid or fully remote environments, compounded by an increase in cyber threats and a more overwhelmed, COVID-19 information fatigued workforce, there has never been a more critical time to effectively create and maintain a cyber-secure workforce and an engaged security culture.
Arcserve has published the first in a series of findings of its annual independent global research study on current experiences and attitudes of IT decision-makers (ITDMs) around data protection and recovery. Key findings from the research show that ransomware attacks continue to impact organisations worldwide with high costs, but they are still largely unprepared. With 50% of respondents targeted with ransomware attacks, the research indicates the critical need for companies to take a new approach to data resilience that fortifies disaster recovery strategies, backup systems, and immutable storage solutions to prevent the loss of mission-critical data.
A survey of WAN managers has revealed that multi-factor authentication and single sign-on are the top zero trust features implemented.
New research shows Log4Shell detections tripled, PowerShell scripts heavily influenced a surge in endpoint attacks, the Emotet botnet came back in a big way and malicious cryptomining activity increased.
Enterprise security solution underpinned by Versa SASE.
Hibernian FC is delighted to announce an innovative multi-year partnership with Acronis, the global leader in cyber protection, and Dunedin IT, one of Scotland's most trusted and experienced technology and connectivity providers providing end-to-end services.