

Reut Weitzman
8 July, 2024
Since joining Cilynx as CEO in March, I’ve had the opportunity to meet face to face and virtually with our customers and partners in Europe, Asia, the United States, and Israel. What I’ve heard consistently is that the job of defenders has never been harder.
An ever-expanding and dynamic attack surface, fueled by digital transformation and the shift to cloud-based services, challenges even the most capable security teams. New applications and infrastructure are brought online almost daily. The workforce is also increasingly dynamic as enterprises embrace hybrid work and rely more on third parties of all types.
This puts short-staffed Security Operations Center (SOC) teams in reactive mode. They spend most of their time triaging alerts and handling security incidents instead of proactively looking for signs of malicious activities within their systems and staying ahead of emerging threats. More proactive security activities like penetration testing or Red Teaming exercises are not done at all or are only done yearly to satisfy compliance requirements.
While SOC teams are often stuck in reactive mode, threat actors are anything but reactive. They are extremely proactive, constantly probing for weaknesses. The dynamic attack surface of most enterprises is a gold mine for threat actors, from individual hackers to organized cybercrime outfits. Unsurprisingly, the time window from the disclosure of a vulnerability to its exploitation in the wild is shrinking, and Artificial Intelligence (AI) is enabling attackers to move even faster.
Offensive security activities performed once a year simply don’t cut it when adversaries are active all year long. A proactive approach in the SOC must be a continuous, year-round effort. Organizations must adopt an always-on security posture, constantly testing, monitoring, and adapting to stay one step ahead of those who seek to exploit vulnerabilities and misconfigurations.
Enterprises are realizing that the way to move towards a proactive SOC approach is not to add more technology: a recent survey found that the average organization already manages 75+ tools, a 19% increase. Hiring more people is not a quick fix either, as security budgets remain tight and talent is hard to find, particularly security team members with prized skills in ethical hacking and offensive security.
Recognizing these challenges, I am excited to announce that Cilynx is launching the industry’s first Proactive SOC Service. With Cilynx’s Proactive SOC Service, our team of ethical hackers, renowned for their expertise and experience, becomes an extension of your security team. Cilynx integrates continuous monitoring of your attack surface, leveraging advanced Red Teaming and Threat Hunting technologies and methodologies. This unique approach empowers security teams to shift from reactive to proactive, effectively anticipating and mitigating threats before they materialize, all under the guidance of our skilled professionals.
Here are more details on the core elements of our new Proactive SOC Service:
Continuous Attack Surface Monitoring
Cilynx offers continuous monitoring of your attack surface powered by Artificial Intelligence (AI). We identify exposed Internet-facing assets, services, and systems with vulnerabilities. We also assess cloud assets and web applications for misconfigurations. By leveraging AI-driven analysis and insights from numerous offensive security engagements, Cilynx ensures comprehensive ongoing visibility into your dynamic attack surface.
Continuous Red Team Simulations
Our Red Team services use deep knowledge of attacker tools, techniques, and procedures (TTPs) and the knowledge gained from monitoring your attack surface to simulate sophisticated attacks, helping you strengthen your defenses. We provide a full debrief and remediation plan, flagging any critical findings immediately.
Threat Hunting
Our service includes proactive threat hunts, which actively look for hidden anomalies or behaviors that might indicate a threat, even before an alert has been triggered. We share findings for further investigation and develop new detection rules for your monitoring systems, ensuring comprehensive detection and decreasing the time to mitigate threats.
Mitigation and Remediation
Cilynx provides detailed, actionable recommendations for mitigating and remediating identified vulnerabilities and exposures. Mitigation strategies focus on reducing the impact of threats that cannot be completely eliminated, providing measures to contain and control potential damage. Remediation efforts aim to remove threats whenever possible, addressing security gaps to restore and strengthen your overall security posture.
Our new Proactive SOC Service has already been tested out with several of our clients, including one of the largest full-service banks in Asia with almost $75B in assets under management and a large multinational enterprise group with businesses in retail, finance, and real estate, operating in Europe and the United States.
The service has been especially valuable to the large multinational enterprise group since they have many companies in their portfolio and have limited visibility into the security posture of these associated companies. During our continuous scanning process, we discovered that one of the portfolio companies had an exposed asset with a vulnerability already being exploited in the wild. Cilynx’s ethical hacking team was able to gain initial access, move laterally in the network, take control over a Domain Admin account, and then ultimately obtain access to the parent company’s network.
Cilynx worked with our client to rapidly address the security gaps that were uncovered. Given the level of investment required in technology and talent, taking on this type of work in-house was simply not feasible for our client.
By continuously monitoring the attack surface, simulating sophisticated attacks, and hunting for hidden threats, Cilynx’s Proactive SOC Service enables organizations to anticipate and neutralize risks before they become incidents. This transition from reactive to proactive security ensures that defenses are always ahead of emerging cyber threats, significantly reducing the likelihood and impact of attacks.
Interested in learning more? Don’t hesitate to reach out!