Tenable Holdings, Inc., the Cyber Exposure firm has agreed to acquire Cymptom, a specialist in attack path management, said a company statement.
Security teams will be able to prioritize responses ahead of and during attacks by combining Tenable’s coverage of vulnerabilities and misconfigurations with Cymptom’s unique analysis and prioritization capabilities, according to the company’s statement.
The details of the transaction are not disclosed yet, and the acquisition is slated to finalise in the first quarter of 2022.
“Risk prioritization has become a cornerstone of modern cybersecurity. By correlating software vulnerabilities and misconfigurations with network and access data, Cymptom can immediately identify exploitable attack and breach pathways,” said Nico Popp, chief product officer, Tenable. “Following closing of the deal, these compelling analytics will be integrated into Tenable.ep™, Tenable’s Exposure Platform, and augment the prioritization, benchmarking, trending and other capabilities which are part of Lumin and available via Tenable.ep.”
“Cymptom and Tenable share a common vision that modern vulnerability management combined with a deep and sophisticated understanding of attackers’ perspectives is a powerful weapon in stopping breaches and reducing risk to the enterprise. Tenable helps its customers identify the flaws attackers will exploit to gain a foothold and elevate privileges. Cymptom’s capabilities will augment Tenable’s ability to predict the most likely paths, identify choke points and mitigate flaws before they can be exploited,” said Itamar Mizrahi, CEO, Cymptom. “We are excited to accelerate our mission and eager to work with Tenable’s global team.”
Headline breaches, whether they be sophisticated persistent threats, ransomware, or conventional hacks, frequently make use of well-known attack vectors in company networks. Identifying, comprehending, and interrupting these attack routes before attackers can exploit them is crucial to lowering the likelihood of a breach.
Cymptom enables businesses to continually test and analyse risks in accordance with the MITRE ATT&CK methodology and the hacker’s attack perspective, without the usage of agents or the execution of simulated attacks.
Following the closure, Cymptom’s agentless platform will be incorporated into Tenable’s threat and vulnerability data to give an always-on view of every attack vector. With a single view of assets and vulnerabilities, attack route analysis will provide new context and prioritising capabilities to Tenable’s platform.