DAST supplier Bishop Fox aims to help organizations manage the attack surface

Securing corporate environments from professional cybercriminals is more difficult than ever before. The attack surface explosion that has taken place in recent years has created a level of defensive complexity that few organizations can sustain.

Last year, NIST reported 18,378 vulnerabilities, a number no security team could manage. With the attack surface grows as cloud adoption increasing, organizations need more scalable approaches to protect the attack surface.

It is for this reason that Bishop Foxa provider of dynamic application security testing (DAST) that provides enterprises with the Cosmos platform, a continuous automated offensive testing solution, today announced it has raised $75 million as part of a Series B funding round led by Carrick Capital Partners.

Bishop Fox’s solution enables organizations to continuously attack surface, and identify high-risk exposures so they can take action to correct them. It also provides live access to dedicated testers. The new funding brings Bishop Fox’s total funding to $100 million.

The need for automation

Modern enterprise networks cannot be secured by protecting endpoints alone. Enterprises must be able to secure assets, including IPs, domains, networks, hostnames, and other externally-facing assets that threat actors can target to gain access to the environment.

The bad news is that many organizations do not meet these requirements. In fact, research shows that nearly 7 in 10 organizations admit to having experienced at least one Cyber ​​attack which started by exploiting an unknown, unmanaged or mismanaged internet-facing asset.

The good news is that attack surface management solutions have the potential to automatically identify vulnerabilities. This allows security teams to address the most risky vulnerabilities first.

“Today’s IT environments are incredibly dynamic, given the rapid proliferation of technologies such as cloud, IoTSaaS and the adoption of agile methodologies – and this means attack surfaces are constantly changing,” said Vinnie Liu, co-founder and CEO of Bishop Fox.

“Unfortunately, traditional solutions were not built for these dynamic environments, missing critical exposures and flooding security teams with false alarms,” said Liu.

Liu explains that organizations should take a preventive, rather than a reactive approach to securing their environments. Rapidly identifying and mitigating vulnerabilities from an attacker’s perspective is now critical to reducing the likelihood of a data breach.

The Attack Surface and Vulnerability Management Market

Bishop Fox is one of many providers under the vulnerability management marketwhich the researchers project will grow from a value of $13.8 billion in 2021 to $18.7 billion in 2026.

One of the main competitors of the organization is: CyCognitoan attack surface management provider founded in 2017, which raised $100 million last year as part of a funding round and a total of taxation of $800 million.

CyCognito’s platform discovers web-facing assets to map risk in a corporate environment,

Another competitor is Randoriwhich IBM acquired earlier this year and most recently raised $20 million as part of a Series A financing round. Randori’s solution is designed to map an organization’s external attack surface. Then, after mapping the attack surface, the platform helps prioritize vulnerabilities so that enterprises can identify the highest-risk vulnerabilities first.

However, Liu argues that Bishop Fox’s diverse approach to vulnerability management is what sets it apart from competitors.

“We are able to discover threats across the full spectrum of organizations’ attack surfaces, given the breadth of our offering. From point-in-time assessments to continuous attack surface testing, we cover multiple offensive subcategories where other providers are limited in their scope or focus on just one subcategory,” said Liu.