Sivan Harel, Pentera: security teams must validate their cybersecurity solution by testing them
July 2023 by Marc Jacob
At Les Assises, using IKEA furniture as an example, Amitai Ratzon, CEO of Pentera, will demonstrate how security teams can improve their preparedness against cyber threats before the battle even begins. Thus, his conference will focus on Automated Security Validation. For Sivan Harel, VP Sales, EU North, South & MEA of Pentera believes that security teams must validate their cybersecurity solution by testing them.
Global Security Mag: What will you be presenting at the Assises de la Sécurité?
Sivan Harel : At Pentera we see driving simplicity in the cybersecurity industry as one of our roles as innovators. As the threats and complexity of cybersecurity continue to increase, we require a new, radical approach to information security. The success story behind IKEA comes down to simplicity, affordability, and innovation. We try to apply the same principles to cybersecurity and specifically the practice of security validation.
In our session, Pentera CEO Amitai Ratzon will discuss such an approach, illustrating how DIY security validation, leveraging automation technology, is set to revolutionize and simplify security validation at large. Using IKEA furniture as an example, Amitai will demonstrate how security teams can improve cyber readiness to even out the cyber battle before the fight.
GS Mag: What will be the theme of your conference this year?
Sivan Harel : Our theme is Automated Security Validation. Every day, security teams are challenged with detecting and eliminating security gaps across a continuously expanding attack surface. Our adversaries are constantly seeking opportunities to exploit the vulnerabilities in our environments. Despite substantial investments in cybersecurity, organizations often struggle to identify exploitable gaps in their security. They lack sufficient visibility and understanding of potential attacks that adversaries may employ to breach their digital assets.
Automated Security Validation ensures that organizations are able to maintain a strong security posture and validate their existing security controls at-scale.
Pentera emulates the real-world techniques of malicious hackers across the entire IT attack surface. The agentless, rapidly-deployed platform continuously challenges existing cybersecurity controls with the latest attack techniques.
GS Mag: How will your offering evolve in 2023/2024?
Sivan Harel : Backed by a team of 30 security researchers, Pentera’s automated security validation engine is constantly updated to ensure that our users are validated against the latest attack techniques and tactics. By emulating the techniques and tactics of hackers, Pentera is able to identify where malicious actors can bypass the security controls of the organization and where they would land eventually through lateral movement. This approach allows for cost-effective, evidence-based remediations, aligning to the risk of the customer’s business, rather than focusing on the theoretical severity of vulnerabilities.
Whereas other security solutions focus on either the external or internal attack surface, Pentera combines both to provide an unparalleled understanding of the cybersecurity kill-chain. Pentera challenges your entire attack surface starting from, emulating the attack on the external-facing assets, then moving laterally all the way to the “crown jewels” of the core network. This enables security teams to understand exactly how an attacker would behave in an environment.
We are the only company on the market that enables real-world testing in a live production environment. Our safe-by-design solution showcases exactly how hackers can exploit the network without any impact to business continuity.
Over the past two years we’ve introduced new capabilities to mitigate the impact of growing threats such as ransomware as well as leaked credentials. To meet the challenges of the ever-evolving threat landscape, Pentera is constantly adding relevant capabilities, attack surfaces, and techniques to its platform. We will continue to innovate and add solutions to complement our existing solutions to ensure our users are validated against the various threats that come their way.
GS Mag: What will your overall strategy be (marketing, product, recruitment, etc.) for 2023/2024?
Sivan Harel : Pentera’s goal is to continue the unbelievable growth we’ve experienced over the past few years. Since closing our last funding round and becoming a Unicorn in early 2022, we’ve more than doubled our headcount to 350 employees, and we’re still hiring. We have over 20 positions open around the globe, and are always looking for the right people to join our team.
Pentera has recently broadened its reach by establishing local offices in APAC and Latin America, solidifying our presence in these regions. In addition to adding new markets, Pentera is also expanding in local European regions, including growth to support the French and Benelux markets. These strategic expansions signify our commitment to supporting our existing customers while driving global growth. At Pentera, our mission is to ensure that every organization has access to best-in-class automated security validation solutions.
GS Mag: What is your message to CISOs?
Sivan Harel : Don’t trust your security. Validate it. One of the biggest problems in cybersecurity is that while many companies implement the top security solutions, they can’t be sure of their effectiveness in the moment of truth. By emulating real-world attack techniques, Pentera’s Automated Security Validation platform provides security teams with the tools to continuously challenge their existing cybersecurity controls. Our solution validates that your security is performing, and highlights what needs to be fixed based on true business impact. Pentera then generates an actionable report that provides a roadmap for security teams to reduce their exposure as well as benchmark the performance of their security over time.