Articles by Jeremiah Grossman
Personal site: https://www.jeremiahgrossman.com

Bit Discovery Raises $4 Million Series B as Attack Surface Management Gains Momentum

10 Reasons Why Websites STILL Get Hacked
1. Over 2 billion Internet-connected assets are listening on ports 80 and 443, each most likely containing some number of vulnerabilities. Do the math.
2. Most companies remain unaware of the websites they own, what they do, or who is responsible for them. Obviously, you can only scan and secure what …

WhiteHat – Bit Discovery partnership announcement
20 years ago, I founded WhiteHat Security, a company that helped pioneer the Application Security industry and revolutionized vulnerability management. Beyond finding and fixing vulnerabilities throughout the SDLC, we saw that the largest and most important problem all of WhiteHat’s customers faced was attack surface management — finding all their websites …

High-Fidelity Attack Surface Mapping
“High-fidelity” is the reproduction of sound with little distortion, resulting in a product very similar to the original. Similarly, in information security, having a clear picture of your attack surface is critical. Breaches happen when adversaries know more than you about your attack surface. These days, you simply cannot afford …

“Responsible Person” and Attack Surface Management
One might assume it would be common practice within every IT department for there to be a centralized source of truth to easily look up the primary contact for every IT asset (i.e. network range, hostname, IP address, or domain name).
This person, or group of people, is typically referred to …

Attack Surface Management: “These assets no longer belong to us”
Bit Discovery has been tracking the attack surface maps for hundreds of companies for a few years now. In the process we’ve found an interesting use-case. Companies will have assets in their inventory that they were once interested in, then they’ll suddenly say, “these assets no longer belong to us,” …

The Attack Surface is Foundational Knowledge
Foundational knowledge is information, or a skillset, generally accepted as essential to understanding more advanced cognitive subjects or performing increasingly sophisticated processes. As a simple example, learning basic addition is necessary before taking on multiplication. Familiarity with the fundamentals of TCP/IP is necessary before grasping how ACLs and network firewalls work. …

Analyze the Attack Surface Before Taking a CISO Job
I once had a conversation with a Chief Financial Officer (CFO) who said whenever they join a new company, they never know what they’ll find lurking in the financials until well after their first day. They said it’s a little nerve-wracking to be unclear about the level of accuracy …

We want to scan “ALL” our websites…
Back in my days at WhiteHat Security, countless customer conversations would begin with them saying, “We want to [DAST] scan all of our websites.” DAST refers to Dynamic Application Security Testing. To which we’d instantly reply, “Great! Just give us the list, and some test account credentials, and we’ll get …

Why Attack Surface Management is Hard
Everyone agrees that attack surface management is critically important, as it is the very first step of any information security program. While enterprise interest and market traction for attack surface management are building, it’s curious why every organization doesn’t already have an up-to-date attack surface map. They should! It may …