Menu
Washingtoner
  • Home
  • Health
  • Books
  • Artificial Intelligence
  • Business
  • Construction
  • Technology
  • Ai Memory
  • Publishing
Washingtoner

Cyberpion Reveals A Quarter of Fortune 500 Companies Have Exploitable Vulnerabilities in their External IT Network
Washingtoner/10132666

Trending...
  • Sara Abbas Receives "Eniochos" Charioteer Award at 2026 Who is Who International Awards
  • Homicide Investigation – 1000 block of South Tacoma Way
  • PropAccount.com Adds Prediction Markets to Its Multi-Asset Prop Firm Platform
KIRKLAND, Wash. and TEL AVIV, Israel, Sept. 14, 2021 /PRNewswire/ -- Cyberpion, a cybersecurity pioneer in external attack surface management (EASM), today presented research showing that nearly three quarters of Fortune 500 companies' IT infrastructure exists outside their organization, a quarter of which was found to have a known vulnerability that threat actors could infiltrate to access sensitive employee or customer data.

Key research findings:
  • 73% of Fortune 500 companies' total IT infrastructure is external to the organization, of which 24% is considered at risk or has a known vulnerability
    • The total IT infrastructure includes the IT assets that are owned and operated by vendors the Fortune 500 enterprises incorporated into their online footprint
    • These IT assets include servers, cloud storage, CDNs, DNS (Domain Name Servers), email servers and other online elements
  • 71% of total cloud-based IT assets are external to the organization, of which 25% failed at least one security test
    • An example of cloud vulnerability includes cloud storage configured to allow anyone to read or write its contents
  • On average, a Fortune 500 company's infrastructure contains 126 different login pages for either customer or employee portals or services - the highest number was over 3,000
    • Nearly 10% of these login pages are considered insecure due to the transmission of unencrypted login data, or issues with SSL certificates, which helps ensure that the submission is being sent to the authorized destination
    • 30% allow transmission over HTTP
    • 12% have invalid certificates/encryption
    • Hackers exploiting these logins could access a wealth of sensitive employee or customer data
  • Fortune 500 organizations connect to an average of 951 cloud assets, of which nearly 5% are vulnerable to severe abuse
    • For example, a misconfigured AWS bucket could allow hackers to read or overwrite the data which could be customer PII or application code
    • The largest exposure was well over 30K cloud assets

Cyberpion collected these results by performing a cursory single-pass scan of the public and internet-facing assets of every Fortune 500 company in the first half of 2021.

More on Washingtoner
  • Heavy Duty Journal Surpasses 1000 Technical Articles for Diesel Technicians and Fleet Managers
  • Kolbus Introduces the Next Step in Casemaking Efficiency
  • Spokane: Camp Sekani Update 7/9/26
  • Florida Law Advisers, P.A. Named Best Divorce Firm of 2026 by Expert Law Attorneys
  • Sahar Education Invites You to Celebrate Afghan Culture and Community

According to Gartner1, "EASM is an emerging concept that is growing quickly in terms of awareness within the security vendor community but at a slower pace within end-user organizations...They help security professionals identify exposed vulnerabilities from known and unknown enterprise assets and prioritize the most critical issues to be tackled...EASM should be part of a broader vulnerability and threat management effort aimed at discovering and managing internal- and external-facing assets and their potential vulnerabilities."

Traditional third-party risk management solutions have focused exclusively on the vendors and the IT infrastructures that are directly connected to the enterprise. This approach ignores the true scale of the problem and represents only the tip of the iceberg. Third-party vendors have also adopted a distributed IT infrastructure, and have built their applications and services using their own vendors and third-parties. Those in turn build their solutions upon even more partners. This extensive ecosystem creates an external attack surface that is uniquely appealing to hackers to attack, and extremely complicated for enterprises to manage securely.

Hackers are finding it easier to takeover or exploit the vulnerabilities in the third-party assets within the enterprise's ecosystem in order to carry out attacks such as: malicious code injection (Magecart-style attacks), DNS hijacks, or abusing the branded assets of an enterprise. These breaches ultimately lead to data loss, brand reputation damage, and stolen customer data for the enterprise.

"Security teams often can't effectively defend against attacks stemming from third-parties because they lack visibility into the total inventory and volume of assets they are connected to," said Cyberpion CEO Nethanel Gelertner. "They are unaware of the exposure to these external vulnerabilities, and can't identify and mitigate against these risks. In addition, the growth of these interconnected assets continues to explode due to trends in cloud-first architectures and digital transformation initiatives, meaning that assessing and protecting the attack surface has become even more challenging over time."

More on Washingtoner
  • Homicide Arrest – 1000 Block of South Tacoma Way
  • City of Spokane, Catholic Charities Showcase Innovative Homeless Outreach Program at National Conference
  • MD Marine Electric Announces Rebranding as MD Electric Group
  • Sounds of LA County: 27 Parks.108 Concerts. One County
  • Only One Flight Stands Between Los Angeles Youth Leaders and a Life-Saving Mission in South Africa

About Cyberpion

Cyberpion solves the rising cybersecurity challenge of understanding the risks and vulnerabilities of your connected online assets that form an external attack surface. Knowing how your organization is vulnerable, where those threats come from, and what infrastructures are at risk, is critical to preventing an attack before it happens. Cyberpion helps organizations mitigate these advanced threats by continuously monitoring, discovering, and assessing the threat vectors present throughout online ecosystems that exist outside the traditional security perimeter. With an R&D team based in Israel, the company is funded by leading cybersecurity venture capitalists. To learn more, visit cyberpion.com.

For more information, please contact:
Josh Turner
Si14 Global Communications
josh.[email protected]

1 Gartner, "Emerging Technologies: Critical Insights for External Attack Surface Management" by Ruggero Contu, Elizabeth Kim and Mark Wah, March 19, 2021

SOURCE Cyberpion
Show All News | Disclaimer | Report Violation

0 Comments
1000 characters max.

Latest on Washingtoner
  • A Better Way to Find a Real Estate Agent Is Coming Soon
  • Talentica Software Earns a Place Among India's Top 100 Great Mid-size Workplaces 2026
  • Spokane: Behavioral Health Unit Expansion
  • Socialhose Launches TikTok Investigator, a Platform for Investigating TikTok Live
  • David Pedrol named Managing Director in Indonesia
  • AutomationIQ Launches to Bring Enterprise-Grade AI Automation to Local and Mid-Market Businesses
  • City of Tacoma Continues Working on 'Roadmap to Recovery'
  • City of Tacoma Awarded $7.6 Million BUILD Grant for Environmental Analysis and Final Design Phase of Fishing Wars Memorial Bridge Replacement Project
  • Spokane City Council Legislative Meetings Now Wednesday Evenings
  • Texas Hospitals & Their Patients Describe Two Very Different Healthcare Systems, New Social Knowing
  • The Story Tree Literacy Project Seeks Publishers and Librarians to Help Children Become Polyglots
  • Discard Junk Removal Named #1 Junk Removal Company in Sacramento Out of 189 Businesses Evaluated
  • Spokane: Firefighters Prevent Extension During Fast-Moving House Fire
  • J&J Exterminating Mourns the Passing of Founder Bobby John Sr
  • Delirious Comedy Club Transforms Into Las Vegas' Newest Live Comedy Studio With Weekly Delirious TV Tapings
  • BitTitan Advances MigrationWiz with New Capabilities, Platform Enhancements, and Product Leadership Update
  • Sara Abbas Receives "Eniochos" Charioteer Award at 2026 Who is Who International Awards
  • Detained at 95: South Korea's Prosecution of a Religious Leader Draws International Alarm
  • CCHR: DOJ Takedown Exposes Over $220 Million Defrauded in Behavioral Mental Health Fraud Schemes
  • Lady Liberty Is Coming Home: Historic WWII A-26 Invader Begins Her Final Journey to the Tulsa Air & Space Museum
_catLbl0 _catLbl1

Popular on Washingtoner

  • Spokane: Construction Will Impact South Stevens Street - 119
  • Kasinohai Audit: Most Slots Could Be Affected by Finland's Draft Gambling Rules - 112
  • Why More Phoenix Families Are Turning to Private Autopsy Services for Answers - 105
  • Spokane: SPD Participate in High Visibility Enforcement During Hoopfest Weekend - 104
  • City of Tacoma Observes Independence Day - 103
  • Tacoma: Planning Commission Seeks Community Feedback on Draft Changes to Off-Street Parking Code - 102
  • June Employment Report Reveals Hidden Weakness Beneath Lower Unemployment
  • TBM Council Launches 2026 State of Technology Business Management (TBM) Survey
  • Make America French Again Launches National Campaign
  • Wagga Trucks set to expand to the Canberra Region as authorised dealer for Volvo, UD & Mack along with Freighter Group Trailers

Similar on Washingtoner

  • Mr. Hospital Bed Helps Home Care Buyers Find the Right Hospital Bed
  • Heavy Duty Journal Surpasses 1000 Technical Articles for Diesel Technicians and Fleet Managers
  • Florida Law Advisers, P.A. Named Best Divorce Firm of 2026 by Expert Law Attorneys
  • World Cup Crowds Are a Stress Test for America's Restrooms
  • Postmortem Pathology Expands Access to Private Autopsy Services in Las Vegas
  • How Sacramento Families Are Using Private Autopsies to Protect Inheritances, Resolve Insurance Claims, and Find Closure
  • ENTOUCH Named Top 100 Inspiring Workplaces in North America for Third Consecutive Year
  • David Pedrol named Managing Director in Indonesia
  • AutomationIQ Launches to Bring Enterprise-Grade AI Automation to Local and Mid-Market Businesses
  • Discard Junk Removal Named #1 Junk Removal Company in Sacramento Out of 189 Businesses Evaluated
Copyright © 2026 washingtoner.com | Terms of Service | Privacy Policy | Contact Us | Contribute