Detectify Launches New Custom Policies Overview for Improved External Attack Surface Management
Friday, November 25, 2022
STOCKHOLM, Nov. 17, 2022 /PRNewswire/ -- Detectify, the External Attack Surface Management platform powered by elite ethical hackers, today announced Custom Policies Overview, a new tool allowing organizations to quickly and easily enforce custom security policies across the entire attack surface, improving security postures at the speed of business. The automated solution enables organizations to set customizable policies for every asset based on various business conditions, discovering violations of corporate policies and remediating critical vulnerabilities before they become exploitable.
Every organization has its own security workflows and different criteria for determining acceptable risk. Ensuring an organization's external attack surface adheres to specific internal security policies however is a major challenge. Most attack surface management solutions use one-size-fits-all approaches, only triggering alerts if they identify publicly disclosed vulnerabilities with assigned CVE scores. Unfortunately, since many critical vulnerabilities never receive CVE scores, only testing for publicly disclosed vulnerabilities is an incomplete approach that leaves the business vulnerable. Furthermore organizations often add assets or technologies to the attack surface without ever alerting the security team, eliminating any guarantee that the assets meet corporate security standards. This leads to policy breaches that can go undetected for days, months, or even years, representing massive risk to the business.
"Shifting left," and introducing security testing earlier, is a common solution that many DevSecOps teams attempt in an effort to catch vulnerabilities pre-production. However, Detectify research shows why this approach is not feasible for organizations with large, dynamic attack surfaces:
-- It assumes a linear development process which few companies have - 41%
of companies surveyed believe shifting left is not feasible and a
further 58% believe it can only be applied in specific instances.
-- While shift left only introduces minutes into the development process,
it can take hours to resolve severe vulnerabilities in production,
thereby increasing the risk associated with the vulnerabilities that
make it through development.
-- It forces organizations to rely upon public rating systems and
disclosure processes (e.g. CVSS and CVE) for prioritization. However
35% of the vulnerabilities reviewed by Detectify's private network of
ethical hackers did not have a CVE assigned.
Custom Policies Overview gives security teams the ability to create customizable policies that automatically identify violations of corporate policies as soon as they are brought online. Many security companies offer rigid solutions, forcing customers to choose from a menu of pre-set conditions that often do not apply to their business. Detectify is the only vendor that allows security teams to run policies on security headers at scale, automatically identify open ports that, according to company policy, should be closed, and more. Custom Policies Overview is truly custom, built upon rules that customers define for themselves based upon their own business context.
"Security is not one-size fits all," said Rickard Carlsson, CEO and Co-Founder, Detectify. "No one has an entirely linear development process, and every organization has a different definition of acceptable risk. Security teams need to apply their own unique security policies for corporate assets based upon business context. Doing this manually is time intensive and not scalable, leading to bottlenecks. Custom Policies Overview allows security teams to enforce security best practices without slowing down critical business operations."
Using an "IF-THEN" structure, Detectify brings visibility back to security teams, providing real-time insight into anomalies in production before they become risks even if security was not part of the development process, allowing security to enforce security best practices without becoming gatekeepers.
Custom Policies Overview is available now. For further information visit detectify.com/attack-surface-custom-policies
About Detectify
Detectify sets the standard for External Attack Surface Management (EASM), providing 99.7% accurate vulnerability assessments. Product security and AppSec teams trust Detectify to expose exactly how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks crowdsourced through its global community of elite ethical hackers, exposing critical weaknesses before it's too late. Go hack yourself: detectify.com
Media Contact
Will Clark
fama PR for Detectify
E: detectify@famapr.com
View original content:https://www.prnewswire.com/news-releases/detectify-launches-new-custom-policies-overview-for-improved-external-attack-surface-management-301681608.html
SOURCE Detectify
|
|
|
|
|
 |
Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026
|
|
New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026
|
|
Truvista Fiber Acquires SlyTel | Jan 22, 2026
|
|
Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026
|
|
Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026
|
|
Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026
|
|
Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026
|
|
pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026
|
|
LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026
|
|
Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026
|
|
|
