Pentera Launches Attack-Based Validation for Exposed Credentials to Prevent Compromised Credentials Breaches
Pentera, the leader in Automated Security Validation, announced Credential Exposure, a new module on the Pentera platform for testing stolen and compromised credentials against the complete enterprise attack surface.
Leaked and stolen credentials pose a critical risk to organizations everywhere. The 2022 Data Breach Investigations Report (DBIR) indicates that over 80% of Web Application breaches involve compromised credentials. Every year, billions of credentials appear on the dark web, paste sites, and in data dumps shared by cyber-criminals. These credentials are often used for account takeover attacks, exposing organizations to breaches, ransomware, and data theft.
Recommended AI News: Omnicom Precision Marketing Group Leads Forrester’s Creative Agency Assessment
The Pentera platform combines real-world leaked credential data with its active validation engine to challenge both internal and external attack surfaces. The platform leverages these hashed or clear text credentials in millions of attack vectors, and provides actionable credential exposure mitigation steps such as password reset, or hardening users’ MFA policies and limiting privileges at risk in near real-time.
“We see a dramatic increase in identity related threats, specifically in the number of leaked credentials available to attackers. These, alongside credential stuffing techniques allow attackers to gain access to valid accounts, resulting in a breach” said Ran Tamir, Chief Product Officer at Pentera, “By integrating leaked credentials threat intelligence into Pentera, we offer our customers a unique solution of actionable threat intelligence based on credentials that are already available online. This enables continuous validation of account exposure and a remediation plan before the accounts are compromised”.
Recommended AI News: 1 in 3 Employees Do Not Understand the Importance of Cybersecurity at Work
[To share your insights with us, please write to sghosh@martechseries.com]
Comments are closed.