YOU’VE NEVER SEEN CYBER-SECURITY LIKE THIS. AND NEITHER HAVE YOUR ATTACKERS.
WHAT IS INCENTER?
Our new product Incenter is the first continuous penetration testing platform of its kind.
The Incenter platform combines multiple solutions in one to enable organizations to make better security decisions and maximize the potential of their security team. Designed to go above and beyond traditional penetration testing, crowd sourcing, penetration testing as a service, and attack surface monitoring. With practically zero deployment time, a continuously evolving range of features, and a focus on helping your organization secure it’s environment, based on how it operates.
It can help your organization develop unparalleled insights, all grounded in the unique context of your business.
OccamSec will work in partnership with you, helping you protect your organization, and what matters to it. Helping you avoid the ever increasing costs of cybersecurity and the need to seemingly replace whatever you have deployed every 24 months.
WHY IS INCENTER NEEDED?
As data and threats continue to increase, cybersecurity has yet to truly adapt to these changes. Multiple tools are often required and data must be fed into various analysis systems. These can then be subject to human errors and ultimately fail to understand the unique context of your business.
Consequently, maintaining an effective cybersecurity posture faces the following shortfalls:
lack of organizational reality
Most vulnerability scanning, penetration testing, attack surface management, crowd sourcing, and automated security validation is done with little to no context of your organization. This leads to difficulties in knowing where to focus resources. Which in turn, has a direct knock-on effect to your risk level.
Good security resources are hard to come by. With shortages constantly forecasted for the foreseeable future, many organizations struggle with finding suitable resources. They then attempt to maximize the capabilities of the ones they have. Those resources then must determine the best way to communicate to stakeholders. A notoriously difficult problem.
Ongoing vulnerability identification and analysis is expensive and cost prohibitive for many. Analyzing that data along with other pertinent risk information, such as threat intelligence and vendor data, requires further expenditure. This, combined with the scarcity of resources, means that cybersecurity is rapidly becoming a zero-sum game.
INCENTER VERSUS OTHERS
Security assessments and vulnerability detection have been undertaken for the past 20 years. What began as broad ‘network’ pen testing, grew to encompass automated scanning and in recent years, crowd-sourced testing (aka bug bounties), attack surface management, pen test as a service, and security validation.
All of which are delivered as siloed, standalone services. Each provides some benefits to organizations but all lack maximized effectiveness and, given the ongoing impact of cyber attacks, gaps remain. So, rather than slicing solutions ever thinner, Incenter combines the benefits of current approaches and improves on them.
|Incenter||Penetration Test||Crowd Sourcing||Vulnerability Scanning|
|Useful remediation guidance|
|“Low hanging fruit”|
|Complex issue discovery|
|Incentive to find non-critical issues which may ultimately be high risk|
|Accredited testing organization|
|Third-party risk data|
|Integration of other security technologies and processes|
|All testers are full time employees|
As a platform, Incenter’s ongoing development will combine even more security and business data. The aim is to take an organizations existing security investment in people and technology and maximize its potential.
THE RISK: YOU CAN SPEND A LOT OF MONEY ON SECURITY,
ONLY TO LEARN YOU HAVE TO SPEND MORE MONEY ON SECURITY.
For over 10 years we have conducted penetration tests, red team assessments, application security assessments, physical security assessments and social engineering assessments for some of the world’s most demanding organizations.
We help fix what we find. We don’t just leave our clients with problems, we continually build on all the assessments we have performed. At the same time, we have always strived to help whoever we could, no matter their size or budget.
We’ve seen what works, what doesn’t, could, and will never work.
This led us to develop a platform that combines the best of human security testers with high levels of automation, to deliver a solution that works for you.
how does incenter do this?
Combining human expertise with technology
Using a combination of automated testing together with manual security knowledge, we can uncover a larger range of potential issues and determine those that are most likely to harm your organization. So nothing is missed.
Assessing every location
Sensitive data is now on-prem, in the cloud, on mobile devices and many other locations. To assess the risk facing your organization, all these locations need to be examined. Incenter provides attack surface monitoring across the entirety of your data’s locale. It can also be used to provide ongoing assessments of specific areas, utilizing the abundance of benefits the platform offers.
Understanding your organization
Additionally, Incenter affords real-time results and remediation guidance. All in the context of how your organization operates. With limited resources and context, other security groups drown in noise. This causes a problematic dilemma to determine how to assign funds. Incenter ensures achieving the maximum efficiency of your resources.
HOW CAN INCENTER HELP YOU?
Building a good business and reputation can take years and maximum effort. A few minutes from a cyber attack can unfortunately damage all that hard work. Sadly, that is why many organizations panic-buy unnecessary security tools and services. It’s a minefield.
So, when it comes to protecting what matters most, the questions are: Where do you spend? And how do you spend it? Incenter is designed to provide those answers by combining tools like Penetration Testing, Vulnerability Scanning, Threat Intelligence and many more into one platform. And all entirely focused on usability. So, engineers and executives alike understand the risks and solutions ahead. Ultimately, Incenter provides the protection you need, while simultaneously making the most of every penny spent.
But that’s not all.
Incenter also combines all this technology with people. Automated efforts are never the only answer. Skilled technical personnel are on hand to uncover complex vulnerabilities and quickly determine what is less important, versus what could become a larger more expensive issue.
BUT WHAT HAPPENS IN THE FUTURE?
We know the biggest issue with any security solution is stagnation; the initial benefits subside over time and the provider must then squeeze ever more margin out of their aging product. This means more money on marketing and less on developing improved functionality.
Our plan for Incenter is different.
We realize that cybersecurity risks continue to evolve. And so our platform must evolve too. We will continue to perform extensive technical penetration testing for our clients, additional vulnerability research and widespread intelligence gathering activities. Incenter will continue to benefit and evolve from our work, implementing new functionality to enable both security and non-security personnel to have visibility into their cyber risks. Helping everyone understand the potential impact to operations and any decisive action required.
We believe that cybersecurity challenges will not be solved by multiple niche solutions, but rather by an approach combining data from multiple areas. Incenter’s roadmap includes the integration of the following and more:
- Third party ratings (although at this point everyone is a third party to someone, so it’s simply ratings).
- Threat Hunting and Incident Response data
- Relevant SEC and other regulatory body data
- Relevant regulatory and compliance data
On the back-end, machine learning is constantly being developed and deployed. This, when combined with our technical expertise and existing platform, makes Incenter a formidable platform to help organizations navigate the future. Whatever the future brings.
DON’T JUST TAKE OUR WORD FOR IT...
To see how Incenter has already helped others, here are some case studies. For security reasons we do not provide the names of our clients. To do so, would be poor operational security and provide our client’s attackers with useful information. References can be provided upon request.
Click the plus icon to expand and read the case study.
Continuous testing for Devops
At a glance
Industry: Financial Services
Challenge: Identify vulnerabilities in a continuous development process.
Vulnerability scanning is too scattergun, traditional pen testing too inflexible and cost prohibitive at scale.
Results: Multiple high-risk vulnerabilities identified as well as ongoing assessment validation provided to organizations clients.
Operating globally with a development team spread across multiple time zones, the organization operates in various financial services areas. They provide a range of services to clients, many of whom rely on the organizations applications to conduct their business.
Devops provides an ongoing release of applications and code into the environment in order to meet client requirements and provide new features. No matter how good the SDLC process is, security vulnerabilities were still manifesting in production applications. Given the profile of some of these applications and the business criticality, effective vulnerability identification and analysis was crucial.
Automated vulnerability scans were able to identify a large number of issues, however the majority were either low hanging fruit or false positives. These scanning tools were unable to identify complex vulnerabilities. On the flip side, penetration testing was effective at finding issues at a single point in time, however the ongoing release of new code into production meant that by the time a report was issued, the issues had either been remediated or were out of date.
In order to maintain their competitive advantage, the organization needed to be able to test applications to a depth which could uncover complex attacks. As much as possible, this needed to happen on an ongoing basis.
Additionally, the organization had to give reports to its clients to provide reassurance that applications were being tested.
The organization decided to use Incenter for testing of high-risk applications. Applications were on-boarded and testing kicked off within an hour. Results were provided after the first day, with immediate reporting of issues provided via the Incenter portal. The benefits were immediately visible and the organization increased its usage of the platform by over 100% within the first month of use.
The organization’s application security team were struck by the range of issues that were identified, including complex exploit chains that led to compromises of critical data. The team began to refer to the platform as one for automated penetration testing and immediately began recommending the platform to their peers.
Also of immediate benefit was the business context data the platform was able to provide. No longer were vulnerabilities rated in a generic way with no consideration for the organization and how the asset was used. Instead, business critical data was utilized and the security team were able to easily demonstrate the actual impact an issue could have, leading to better prioritization of resources.
Thanks to the Incenter platform, the organization’s security team are quickly alerted to any vulnerabilities affecting their applications. All with full details on discovery, exploitation, business context and remediation.
Furthermore because of OccamSec’s ongoing security work, the organization also benefits from relevant intelligence alerts and support with a variety of other security issues they face.
As Incenter continues to evolve, additional benefits are planned including threat hunt integration, third party risk assessments and a variety of intelligence feeds into the platform.
Large pen test
At a glance
Challenge: How to test over 400,00 systems and applications in less than 3 months. Testing had to go beyond automated scanning. Crowdsourcing was not a viable solution (trusted resources were required) and a monolithic report for all targets wasn’t going to work.
Results: All systems were tested. Multiple critical issues and exploit chains were identified and reporting was immediate. Functionality was also added to the system during the engagement to produce a variety of attestation reports as needed.
Operating in multiple verticals and continuing to expand, the organization was a large media company providing both B2B and B2C services. Operating in a number of divisions, each ran a variety of systems with ad-hoc connectivity between them.
The sheer number of systems presented a variety of problems for effective testing. This was further complicated by different divisional requirements, security teams, and technologies. The time-frame was also an issue as there was a hard deadline for completion of the work.
A monolithic penetration test report with large numbers of issues delivered at the conclusion of the project was also not practical. The problem was further compounded by the need to apply business context to any findings in order to ensure that the most critical were dealt with. Criticality being defined as actual business impact, not theoretical impact if the stars aligned for an attacker.
Finally, cost was a consideration given the large attack surface. While not expecting the exercise to be cheap, there were concerns that traditional penetration testing was going to incur considerable costs, especially if the aforementioned giant report was going to be produced.
The Incenter platform was utilized for the assessment. Automating testing and validation was used where possible and augmented with manual testing where required. Information was collected on system criticality from a range of sources and used when assessing the severity of a vulnerability.
All target systems and applications were tested and multiple vulnerabilities identified including 0-day issues. Several exploit chains were uncovered which led to internal system compromises and exposed critical data.
Report enhancement already on the roadmap for Incenter were moved forward to assist the client in meeting their requirements for the project. OccamSec’s development team worked with the organization to determine what was needed and quickly implemented the functionality.
The platform also provided a mechanism to track remediation, without the need to export to other systems. Re-testing could be undertaken as and when needed and the results immediately updated in the dashboard.
Testing was completed on time and a range of issues discovered. Utilizing Incenter reduced the time needed to conduct the assessment, as well as providing ongoing tracking of issues as they were identified. Furthermore, Incenter’s probability of breach analysis allowed the organization to compare the security posture of each division and determine where focus was needed.
On-demand retesting ensured that this security posture assessment was kept up to date, enabling further changes to focus as required.
The data continues to be stored in the platform with vulnerability ratings being adjusted in response to new information being released and vulnerabilities being discovered.
Security budget reduction exercise
At a glance
Challenge: Reduce security expenditure due to an ever-growing technical footprint and current solutions becoming cost prohibitive. No reduction in services was acceptable and return on investment for the solution had to be demonstrable.
Results: Multiple security tools were replaced with Incenter and capabilities were actually increased. Vulnerabilities were uncovered that previous solutions had not detected. Plus, Incenter’s ongoing evolution continues to provide further opportunities for actual cost reduction.
A manufacturer operating nationally. This organization had a number of divisions producing a diverse range of products. Over the years the technical environment had grown complex and the rise of IOT presented a range of new problems. Current security solutions were going to be cost prohibitive to deal with, and even then, the level of assurance was questionable.
Incenter was able to replace several existing solutions and processes, most notably automated scanning tools, results tracking, and penetration testing services. The economies of scale provided by one integrated solution was immediately visible.
Initially, one division was used to pilot the platform. Several previously undiscovered vulnerabilities were uncovered, one which allowed an attacker to pivot internally and ultimately lead to domain Administrator access being obtained.
From here, all divisions were quickly on-boarded (in less than a month) and no deployment was required. One additional note was that all testers were required to undergo background checks due to corporate compliance requirements. Since all testers were full-time employees of OccamSec, this had already been performed and details were provided. This also enabled the organization to conduct a range of internal assessments, providing OccamSec personnel with VPN access and allowing them to test internal systems. Again, results were stored with Incenter.
Obviously cost savings were of paramount important and were achieved. While Incenter is not cheap compared to the ever-growing silo of security tools, an integrated platform can provide obvious cost savings. Furthermore, because OccamSec is a security company first and applies real-world lessons to the platform, it ensures that it actually solves problems and is not being developed in an engineering vacuum. Our developers work with our penetration testers, threat hunters and intel specialists and this benefit was passed onto the client.
The client has subsequently requested other features, many of which were already on the Incenter roadmap and are planned to be implemented (yes, we know everyone has a “roadmap” doesn’t mean we don’t actually meet ours).
HOW DO I FIND OUT MORE?
The benefit of a cybersecurity platform that includes smart technology combined with smart people means you are also being smart with your budget.
And let’s face it, anyone involved in putting Incenter in place is going to look very smart too.
So get in touch to discuss how we can help your business needs.