About Us

NetSPI’s Penetration Testing and Vulnerability Management Platform now includes risk scoring

NetSPI, the industry leader in organizational penetration testing and attack surface management, has added risk scoring to its ResolveTM vulnerability management and penetration testing platform. NetSPI’s risk score intelligence in combination with Penetration Testing as a Service (PTaaS) assists clients in prioritizing, managing and remediating the vulnerabilities that pose the highest risk to their firm.

NetSPI’s new risk scoring features dynamical  integration into PTaaS to deliver both a detailed vulnerability risk score and an aggregate risk score for a firm’s projects, assets, apps, and networks. NetSPI customers who use its penetration testing services have access to risk scoring. NetSPI clients can safely dedicate funds and resources to the most critical vulnerabilities by using risk rating.

The risk scores are used as a quantitative assessment for risk reduction over time, validation of cybersecurity expenditures, resource allocation, and benchmarking in the industry. With NetSPI’s risk score, organizations can appropriately prioritize vulnerability patching by taking into account business context and the threat landscape.

“There are varying approaches to assigning vulnerability severity, but risk today extends far beyond individual vulnerabilities. The key is to recognize the risks most likely to disrupt the business, identify the threats that would increase those risks, and prioritize the most appropriate mitigations to protect your organization from those threats. NetSPI’s risk scoring does just that,” said Jake Reynolds, Head of Product at NetSPI.

“Reactive cybersecurity is a thing of the past. Security leaders must get proactive and take a risk-based approach to stay ahead of today’s adversaries. Our risk scores enable NetSPI clients to make proactive security decisions based on their unique risk factors. In other words, it allows them to confidently allocate budget and resources to the vulnerabilities that matter most,” said NetSPI President and CEO Aaron Shilts.

GoVanguard completes acquisition of Gotham Security

GoVanguard  technology security company has accomplished the acquisition Gotham Security. The acquisition enables GoVanguard to expand its cybersecurity leadership, strengthening its staff and experience to support clients’ growing need to prevent and mitigate disruptive threats like ransomware cyberattacks. The move is a crucial part of GoVanguard’s mission to raise security awareness and equip its customers with elite-level cybersecurity services.

GoVanguard provides security solutions to a wide range of sectors. Several worldwide enterprises, medium-sized companies, and small local businesses are among their clients, which span the financial, healthcare, insurance, and technology industries.

GoVanguard’s reputation has been established on its adversary simulation, risk reduction, threat management, and information security strategy techniques. By acquiring a five-year partner and market leader in red-teaming and pentesting—The two key services for firms protecting against security threats and staying ahead of dangers to corporate information are accomplished. 

“As threat actors become more sophisticated, it’s become obvious that the best defense is to go on the offensive. Adversary simulation has become increasingly valuable for organizations looking to quickly gauge and improve their security position. Afterall, if you can’t measure it, you can’t improve it. Gotham Security has been a close partner for years and this was a natural next step to allow our red-teaming experts to take our clients’ defenses to the next level and continue our dedication to finding the security gaps before cybercriminals do,” said Mahdi Hedhli, GoVanguard CEO.

Blake Shalem, Gotham Security COO, will be joining GoVanguard as its Chief Customer Officer. Blake said, “This move allows us to elevate what we do best, which translates to a superior class of protection for our clients.”

With the acquisition of Gotham Security by GoVanguard, clients will be able to stay one step ahead of the cybercriminals, particularly in the areas of red-teaming and pentesting, which will help businesses remove security vulnerabilities before hackers strike.

“We’re doubling down on our commitment to improve the cybersecurity landscape by honing our focus on red teaming. We feel this is the area where GoVanguard makes the biggest impact for our clients and the industry as a whole,” Hedhli said.

Comptia ISAO Includes Sophos’ Real-Time Cybersecurity Threat Analysis and Intelligence Resources

The CompTIA Information Sharing and Analysis Organization (ISAO) has decided to expand its collaboration with worldwide cybersecurity leader Sophos and its industry-leading threat research lab, SophosLabs, to provide advanced cybersecurity threat analysis and intelligence capabilities.

CompTIA, the nonprofit group for the information technology (IT) industry and workforce, announced the expanded cyber capabilities.

Simon Reed, senior vice president, SophosLabs said, “SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks. The only way to effectively fight modern cybercrime is if we do it together. That’s why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence.”

“This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers,” said MJ Shoer, senior vice president and executive director of the CompTIA ISAO.

“This is a significant addition to the resources available to our members. It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure,” Shoer added

Digital Asset Exchange BlockQuake™ Collaborates with Prominent Cybersecurity Firm Friedman CyZen

BlockQuake™, a regulatory-driven digital asset exchange announced collaboration with Friedman CyZen (“CyZen”), a prominent cybersecurity company with decades of experience in technological compliance with multiple regulatory frameworks. CyZen, a subsidiary of Friedman LLC, offers services such as continuous security log auditing, penetration testing, cybersecurity control, processing audits, and compliance consultation. BlockQuake™ will use CyZen for a number of these services, boosting investor security and privacy while also allowing for a higher level of self-regulation. BlockQuake™ just completed a penetration test conducted by CyZen that found no serious vulnerabilities or other cybersecurity flaws that may be exploited. 

“We are proud to partner with CyZen, which will support us in maintaining the highest standards of security on the BlockQuake™ Exchange. With the prevalence of large-scale security breaches and crypto scams, cryptocurrency traders, especially new investors, are rightly concerned about how to choose an exchange that is legitimate and safe. This partnership should bring confidence to our investors, who know they are trading on an exchange that prioritizes their safety and security,” said Antonio Brasse, CEO, and Co-founder of BlockQuake™.

Cyberattacks are a threat to all businesses, including cryptocurrencies. Several cryptocurrency exchanges have had huge security breaches in the last year, with hackers compromising investor data and stealing millions of dollars.

BlockQuake™ has added CyZen with BSA-compliant Custodian Prime Trust, Chainalysis, and Fireblocks as another regulatory-forward partner ahead of its impending launch. These significant vendor collaborations will aid BlockQuake™ in mitigating potentially disastrous security risks, as well as contributing to the resolution of key security concerns raised by traders in the cryptocurrency space.

“Hackers do not just go after multi-million dollar institutions. Cryptocurrency exchanges are becoming more frequent targets of ransomware and other cyberattacks. With CyZen’s vast experience in cybersecurity, we bring peace of mind to BlockQuake™ and its investors that their funds are always protected. We also provide the multifaceted services they need to navigate evolving cyber threats,” said William Mendez, Managing Director of Operations for CyZen.

DRT Cyber, a VersaBank subsidiary based in Washington, DC, has signed an agreement with EzoTech to expand its Cybersecurity offering with AI Penetration Testing

VersaBank announced that DRT Cyber Inc. (“DRT Cyber”), its wholly-owned Washington, DC-based subsidiary, has signed a reseller and development agreement with EzoTech Inc. (“EzoTech”), the creators of the world’s first AI-powered Autonomous cybersecurity penetration testing platform. Penetration testing is the process of imitating a cyber cyberattack on a company’s assets and infrastructure in order to find both strengths and vulnerabilities in security systems and processes so that real-world cyber attacks can be avoided.

DRT Cyber will expand its solutions to present and new customers throughout the United States, Canada, and Europe with an AI-powered, automated, on-demand penetration testing platform under the reseller component of the arrangement. DRT Cyber will use EzoTech’s advanced AI Cyber Security technology and prowess to develop and rollout what it anticipates to be the world’s first AI-powered, automated, and continuous cyber security posture reporting platform for businesses of all types and sizes, as part of the development component of the agreement.

“Our agreement with EzoTech is a significant step forward in our strategy to expand DRT Cyber’s suite of cybersecurity offerings to complement existing services to our clients, as well as attract new clients, as we leverage our acquisition of Digital Boundary Group (DBG) last November. DRT Cyber’s acquisition of DBG provided a tremendous platform to build one of the pre-eminent cybersecurity businesses in North America; DRT Cyber boasts a client roster of national and multinational corporations, as well as government entities, including infrastructure assets, numerous police departments in the U.S., national retailers, and many others.  The addition of AI-powered, automated penetration testing, followed by a continuous, automated cyber security reporting solution, designed for organizations large and small, will significantly help expand DRT’s client roster, as the identification of cyber security vulnerabilities moves to the top of the priority list for IT departments globally,” said David Taylor, President and CEO of VersaBank and DRT Cyber.

“We are very pleased to be working with the team at DRT Cyber. Our fully autonomous, AI-driven penetration testing platform is licensed and deployable in a number of ways: as a stand-alone testing platform, as an autonomous test in combination with manual testing resources, and also ultimately as the engine for continuous reporting at the executive and working levels, to deliver a high level of confidence to organizations that their systems, networks and assets are well positioned to thwart cyber threats that are growing globally at an accelerating rate,” said Xristos Silaidis, President and CEO, EzoTech. 

“Businesses, governments and other entities are especially vulnerable to cybersecurity breaches due to a number of factors including, but not limited to, continuous changes in infrastructure, patch management issues and incorrect or stale security configurations, all of which can result in unforeseen security consequences that may not be readily apparent. In today’s IT environment, in which systems are being continuously deployed, updated or moved, continuous cyber security testing is essential to ensure that an organization’s IT systems are resistant to adversarial attacks 24/7, every week of the year. Our goal is to provide an automated and continuous cyber security reporting solution that not only is best-in-class for large organizations but also fits the IT budgets for the mass market of small-to-mid-size businesses and government entities,” said Gurpreet Sahota, Chief Operating Officer, DRT Cyber.