Pentera

Pentera’s platform now discovers and prioritizes exploitable security gaps across both cloud and enterprise networks production environments

Boston, March 5, 2024 – Pentera, today announced the general availability of Pentera Cloud as part of its automated security validation platform to complement its renowned Pentera Core and Surface products. 

Pentera Cloud is the first software product enabling on-demand security testing and resilience assessment of corporate cloud accounts against cloud-native attacks. As part of Pentera’s automated security validation platform, Pentera Cloud empowers security teams to reduce exposure to cloud-native attacks stemming from anywhere in the IT attack surface: On-premises, external, and cloud.“

The market for Continuous Threat Exposure Management (CTEM) is rapidly accelerating. Organizations are aligning their security efforts to account for business and cyber exposure that is increasingly moving to the cloud,” said Ran Tamir, Chief Product Officer at Pentera. “Pentera is taking security validation to the next level. The introduction of automated cloud pentesting ensures that organizations can continuously identify and remediate proven cyber exposure to maintain security readiness as they advance their cloud migration journeys.”

As organizations continue to embrace the cloud, they redistribute a greater proportion of their risk to their cloud environments. Threat actors are increasingly targeting cloud assets, and today research shows that 82% of breaches involve data stored in the cloud. Compounding the challenge is that many organizations operate hybrid environments that utilize a mix of multiple cloud providers and on-premises infrastructure. These deployments enhance operational flexibility but they also increase the number of possible attack vectors. 

Pentera Cloud introduces automated pentesting designed for the scale of modern attack surfaces and the speed of dynamic cloud environments. Emulating real threat actor tactics and techniques, Pentera Cloud challenges security controls to identify exploitable gaps across AWS and Azure environments. Examples for exposures that are found by Pentera Cloud include identity compromise, role privilege escalation, lateral movement to PaaS workloads and remote code execution. “

Pentera’s continuous validation has become a real benchmark for the testing we do within our enterprise networks, and with the introduction of Pentera Cloud we are looking to expand those capabilities to our cloud-native environments,” said Joseph Gothelf, VP, Cybersecurity at Wyndham Hotel & Resorts. “Today we aim to ensure that any vulnerabilities or misconfigurations that exist in our network are tended to in a timely fashion. Whenever we’re interested in testing a specific use-case, Pentera’s on-demand testing provides that added value so we don’t need to find pentesters to ensure continued resilience throughout our Cloud journey.”

With Pentera Cloud organizations benefit from:

Automated cloud attack emulation: Pentera Cloud automatically maps the organization’s AWS and Azure environments, identifying cloud resources, identities, workloads and data. The algorithmic engine emulates cloud-native attacks, including moving laterally across workloads, to test the organization’s resilience against cloud attack techniques mapped to the MITRE ATT&CK framework.

Cross Attack Surface Testing – Increasingly complex hybrid environments open new possibilities for malicious hackers to gain a foothold within an organization. Pentera Cloud applies the creativity of experienced threat actors, utilizing data discovered within your cloud ecosystem to move laterally to exploit on-premises environments. And vice versa.

Evidence-based remediation: Pentera Cloud leverages kill-chains analysis and the unique context of the organization’s cloud environment to validate exposure and provide prioritized remediation guidance accordingly.

Augmenting existing cloud security suite – Pentera Cloud complements cloud security solutions such as Cloud Security Posture Management (CSPM) and Cloud Native Application Protection Platforms (CNAPP) by validating the exploitability of enumerated risks. Pentera Cloud eliminates false positives to increase remediation efficiency.

Increased productivity – Security teams can now integrate Pentera Cloud test runs in their continuous security validation program, augmenting manual efforts and scaling across cloud regions with ease.

To schedule a demo and learn more about Pentera Cloud please visit: https://pentera.io/pentera-cloud

The company was also named as a Sample Vendor for External Attack Surface Management (EASM)

Boston, August 9, 2024 – Pentera has been named a Sample Vendor in the Adversarial Exposure Validation (AEV) category of the Gartner Hype Cycle for Security Operations, 2024. This represents Pentera’s fourth consecutive year as a Sample Vendor in this report. Pentera sees this as a recognition of the pivotal role the company plays in the adversarial validation domain.“

We are proud to see the security community’s growing adoption of the adversarial emulation and validation that Pentera has been pioneering since entering the market in 2018,” said Aviv Cohen, CMO of Pentera. “Pentera has revolutionized the adversarial approach, enabling on-demand, continuous security validation across the entire enterprise attack surface. Over 1,000 enterprises worldwide already rely on Pentera’s platform to test the effectiveness of their security controls and reduce cyber exposure.”The Hype Cycle™ for Security Operations, 2024 consolidates Breach and Attack Simulation (BAS) and Autonomous Penetration Testing and Red Teaming, under the newly established category of Adversarial Exposure Validation. The grouping of these technologies simplifies and redefines the adversarial perspective of security risk under the governance of the Continuous Threat Exposure Management (CTEM) framework.

According to the Gartner Hype Cycle “Adversarial exposure validation confirms a potential exposure to a specific threat by taking the attackers’ view. It evaluates the efficacy of attacks through deployed security controls and can highlight vulnerable paths leading to the organization’s most critical assets. This helps security teams prioritize strategic initiatives and evaluate the value of their acquired technologies. It complements exposure assessments and provides a way to continuously execute attack scenarios.”

Pentera’s second consecutive appearance fueled by 520% increase in Annual Recurring Revenue (ARR) since 2021

BOSTON, August 26, 2024 – Pentera, the leader in Automated Security Validation, is celebrating consecutive appearances as one of America’s fastest-growing private cybersecurity companies on the Inc. 5000. With the growing market for security validation and Continuous Threat Exposure Management (CTEM), Pentera has doubled its ARR each year, and recently surpassed 1,000 customers in production.“With the emergence of the CTEM framework, organization’s are increasingly relying on Pentera to test the effectiveness of their security controls,” said Aviv Cohen, CMO of Pentera. “With Pentera, security teams can focus their remediation efforts on the proven critical security gaps to reduce exposure.”

In addition to its remarkable growth over the past few years, Pentera has introduced several groundbreaking solutions to tackle the evolving challenges in cybersecurity. In early 2024, Pentera expanded its platform with Pentera Cloud, enabling enterprises to validate the security of their cloud and hybrid environments. The company also announced significant upgrades to its RansomwareReady and Credential Exposure modules to ensure organizations can continuously validate the effectiveness of defenses against the latest ransomware attacks as well as the threat of compromised credentials.

About Pentera

Pentera is the market leader in Automated Security Validation, empowering companies to proactively test all their cybersecurity controls against the latest cyberattacks. Pentera identifies true risk across the entire attack surface, guiding remediation to effectively reduce exposure. The company’s security validation capabilities are essential for Continuous Threat Exposure Management (CTEM) operations. Thousands of security professionals around the world trust Pentera to close security gaps before threat actors can exploit them.

For more information, visit: pentera.io