Noname Security launches Recon

New solution simulates cyber attack reconnaissance to rapidly find and fix issues without requiring integrations, installations, or implementations.

Noname Security has launched Noname Recon, the latest addition to the company’s API Security Platform. With Recon, customers are now able to simulate an attacker performing reconnaissance on an organisation’s domains, allowing them to rapidly find and fix issues – without any integrations, installations, or implementations required.

Cybercrime rates show no sign of slowing down. According to recent research commissioned by Noname Security looking at API Security Trends in 2022, 76% of those surveyed reported they had experienced an API security incident in the past 12 months. Although there are many ways a cybercriminal can gain access to an organisation, APIs now represent the most common attack vector used by malicious state and non-state actors alike.

“One of the best ways to prevent a cyber attack is to stay ahead of cybercriminals. With APIs creating thousands of potential entry points to an organisation, it’s no surprise that many hackers look to take advantage of these potential vulnerabilities,” said Shay Levi, Co-Founder and CTO at Noname Security. “How do you beat a hacker? Think like them. With Recon, we’ve made it easy to identify potential vulnerabilities and exploitable intelligence by simulating attacker reconnaissance, so customers can use that information to better protect themselves.”

With Noname Recon, customers can now easily find public issues and quickly fix them to prevent breaches. Recon enables customers to:

● Easily Find Public Exposures: Automatically discover public APIs, domains, and vulnerabilities, including “shadow domains” that are easily overlooked; find exploitable intelligence, such as exposed information, to understand the attack paths available to adversaries; and monitor for changes in APIs, domains, and developer activity to build a complete and current inventory of publicly accessible assets.

● Quickly Fix Vulnerabilities: Rapidly reduce risks and eliminate weaknesses before they can be exploited, make smart, informed decisions about which issues to remediate first and shrink your attack surface in record time, and resolve high-severity issues in hours or days instead of weeks or months.

● Actively Prevent Breaches: Continuously secure your customer data, personally identifiable information (PII), internal documentation, intellectual property, regulatory standing, shareholder value, and more with automatic scanning and protection against evolving threats; automate policy enforcement and avoid regulatory fines and reputational damage by continually monitoring for compliance.

Early-access customers report that Noname Recon is “a game-changer” that’s helped them identify potential vulnerabilities that were not found with any other technology they have used. In the words of one Fortune 500 customer, “with Recon, we feel more secure than ever.”

In particular, Noname Recon has helped customers identify critical issues such as secret keys stored in public code repositories, leaked internal documentation, misrouting allowing WAF and CDN bypass, and more. Many of these issues demonstrate how even well-designed and thoroughly-tested APIs require continuous security as they interact with other technologies and environments.

Noname Recon expands the ability of the platform to secure APIs at all times from all potential threats. This allows organisations the ability to lower the risk of an attack, lower the cost of potential incidents, and increase revenue by delivering more secure products, more developer confidence, faster development, and better brand reputation.

Purpose-built security data lake helps organizations aggregate, manage, and analyze log and event data to enable faster threat detection, investigation, and incident response.
Akamai Technologies has released a new State of the Internet report that indicates a growing risk to the financial services sector and a shift to more sophisticated techniques.
Companies of all sizes faced attacks, with malware representing 40% of CyberSOC (Detection and Response operation centers) incidents.
Senior cybersecurity professionals reveal their number one frustration is the inability to continuously measure enterprise-wide security posture and identify control failures.
Sophos has introduced Sophos Managed Detection and Response (MDR) with new 'industry-first' threat detection and response capabilities.
Research reveals today’s organizations face skyrocketing workloads, increasingly sophisticated threats, and poor threat visibility – leading to multiple breaches for 45% of them.
Organisations are feeling pressure as the potential for business disruption increases. With ‘freak’ weather causing data centres to overheat over the summer, and concerns over winter power outages in the face of the energy crisis, business resilience is in the spotlight - it’s become clear that we must expect the unexpected. By Russ Kennedy, Chief Product Officer at Nasuni.
Agreement delivers Okta’s identity-first Zero Trust security solution to the channel in France, Spain, Portugal, Italy and Greece — a vital security tool in an era of remote work.