Outpost24 was among the 13 selected vendors invited by analyst Forrester to participate in the latest Vulnerability Risk Management Wave. While we’ve been growing our capabilities fast in application security testing and cloud security assessment, it’s easy to forget Outpost24 is best known in the vulnerability management space with deep roots in penetration testing. For the past few years Outpost24 has been on a mission to turn our ethical hacking knowledge into a ‘full stack security assessment’ platform, with the aim to provide more context of different attack paths and the tools that our customers need to understand security weakness and reduce cyber exposure in their expanding technology stack. Most importantly, we are proud to have received great feedback from our customer references citing they “were consistently happy with the support they received and the management of the product”
How were the vendors evaluated?
For The Forrester Wave™: Vulnerability Risk Management, Q4 2019, participating vendors were required to demonstrate the following capabilities:
- Vulnerability Enumeration: ability to actively interrogate systems to identify weaknesses and vulnerabilities
- Digital Footprinting: ability to identify and monitor assets on the public internet as part of reconnaissance
- Asset Criticality: uniquely assist in identifying or labeling assets by criticality or function
- Network Exposure: assist in performing network segmentation and use attack path information to adjust prioritization of identified issues
- Vulnerability Severity: leverage cyber intelligence to determine and communicate vulnerability severity
- Risk-based Prioritization: assist in prioritizing issues based on asset criticality, network exposure, and vulnerability severity
- Metrics and Reporting: provide metrics to assist organization in understanding current risk posture and effectiveness of vulnerability management program
- Role-based Management: ability to support very large enterprise and multitenant service providers
On top of these, participating vendors were required to have a minimum of $10m in revenue and have interest from Forrester clients.
Outpost24 is a new Vulnerability Risk Management Challenger
Being a fairly new-comer to the US market (we entered the market only 3 years ago), Outpost24 has long been overlooked by analysts and reports that only look at more established players. In our debut in the Forrester Wave this year, we are excited to be recognized among the most significant vendors and to have the opportunity to receive analyst feedback on how Outpost24 compares. The feedback we gained from Forrester has been invaluable - not only that it has helped reinforce our ‘full stack security assessment’ vision and open API product strategy, it has also provided great insights into areas that we need to improve on to deliver even more value for our customers.
Enhancement since the evaluation
As a company dedicated to simplifying security assessment, Outpost24 has since acquired wireless security pioneer Pwnie Express – a well-known and trusted security brand providing full threat detection of known and unknown Wi-Fi access points and Bluetooth devices in and around the corporate network. With the rise of connected and IoT devices in the workplace, the danger of the airspace as an open pathway for hackers is often overlooked. This acquisition further extends our capability to help organizations understand where their crown jewels are (regardless of where they sit), where they are weak and establish priorities for remediation for the biggest risks posed to the business across all technology assets.
As Forrester highlighted in the report ‘prioritization and reporting are key differentiators’ and ‘risk prioritization requires complete infrastructure understanding’, our goal is to provide visibility and context for security teams to quickly reduce their attack surface. We believe Outpost24 is ideal for organizations who are:
- Migrating or moving between traditional infrastructure and cloud infrastructure
- Practicing continuous development via agile DevOps
- Using multiple public clouds and containers
For organizations with limited security staff and expertise, Outpost24 can get you started quickly by providing continuous infrastructure assessment and managed services to prioritize remediation efforts and meet regulatory compliance.
For organizations already invested in traditional vulnerability assessment, Outpost24 offers broader security assessment capabilities across networks, devices, applications, cloud and containers within the same platform, providing a more complete view (and context) of your risk profile and reducing the cost and effort required to run multiple, pointed assessment tools. To see it for yourself, contact us today to see how we can help.