Pentera

Last updated
Pentera
Industry Cybersecurity
Founded2015 (as Pcysys)
FounderDr. Arik Liberzon, Arik Faingold
Headquarters Boston, USA
Area served
 Hamburg, Germany

London, England
Singapore
Dubai, UAE

Tel Aviv, Israel
Key people
Amitai Ratzon (CEO), Dr. Arik Liberzon (Co-founder and CTO), Ran Tamir (CPO), Aviv Cohen (CMO), Tzurit Golan (Chief People Officer), Morgan Jay (CRO)
ProductsPentera Core, Pentera Surface, Credential Exposure Module, RansomwareReady Module, Security Validation Advisory services
Number of employees
350 (October 2023)
Website pentera.io

Pentera is an American cybersecurity software company, specializing in automated security validation solutions. Originally founded as Pcysys in 2015, the company later rebranded as Pentera in 2021. The company is led by Amitai Ratzon (CEO) and Dr. Arik Liberzon (founder and CTO). Pentera has entities in the US, Germany, UK, Israel, Dubai, and Singapore. [1] [2] [3] [4]

Contents

Funding

To date, the company has raised $115 million in primary funding:

Product

Pentera develops security validation software designed to test cybersecurity controls, credentials, and vulnerabilities within organizations. The platform is designed to assist in identifying and prioritizing security flaws to increase an organization's resilience to cyberattacks. [12] [13] [14]

The Pentera software employs algorithms to test across the entire IT environment, including the internal and external network attack surfaces, on-premises and cloud-based. The platform is designed to perform automated emulation of ethical attack techniques such as remote code execution, password cracking, and data exfiltration. The platform does not require the installation of software agents on the network’s endpoints, making it compatible with most enterprise systems and security service providers. [15]

The Pentera platform consists of products and add-on modules:

Research

Pentera Lab is the company's research arm, which actively monitors threat intelligence feeds and identifies new vulnerabilities and attack techniques used by adversaries. Its publications are available for cyber defenders to identify, analyze, emulate, and mitigate new adversary tactics and techniques in the wild. [24]

These findings are synthesized and fed into the Pentera platform to continually enhance its security testing capabilities. Pentera lab also disclosed newly discovered "zero day" vulnerabilities and contributed to adversary tactics techniques and procedures (TTPs) to the MITRE ATT&CK matrix. [25] [3]

Sample Pentera Lab findings and community contribution:

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security is the protection of computer software, systems and networks from threats that can lead to unauthorized information disclosure, theft or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

Cross-site scripting (XSS) is a type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy. During the second half of 2007, XSSed documented 11,253 site-specific cross-site vulnerabilities, compared to 2,134 "traditional" vulnerabilities documented by Symantec. XSS effects vary in range from petty nuisance to significant security risk, depending on the sensitivity of the data handled by the vulnerable site and the nature of any security mitigation implemented by the site's owner network.

<span class="mw-page-title-main">Trend Micro</span> Japanese multinational cyber security company

Trend Micro Inc. is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, and cloud computing environments, networks, and end points. Its cloud and virtualization security products provide automated security for customers of VMware, Amazon AWS, Microsoft Azure, and Google Cloud Platform.

Vulnerabilities are flaws in a computer system that weaken the overall security of the system.

Fortinet, Inc. is a cybersecurity company with headquarters in Sunnyvale, California. The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems. Fortinet has offices located all over the world.

Qualys, Inc. is an American technology firm based in Foster City, California, specializing in cloud security, compliance and related services.

EC-Council is a cybersecurity certification, education, training, and services company based in Albuquerque, New Mexico.

<span class="mw-page-title-main">Proofpoint, Inc.</span> American cybersecurity company

Proofpoint, Inc. is an American enterprise cybersecurity company based in Sunnyvale, California that provides software as a service and products for email security, identity threat defense, data loss prevention, electronic discovery, and email archiving.

In computer software, the term parameter validation is the automated processing, in a module, to validate the spelling or accuracy of parameters passed to that module. The term has been in common use for over 30 years. Specific best practices have been developed, for decades, to improve the handling of such parameters.

VMware Carbon Black is a cybersecurity company based in Waltham, Massachusetts. The company develops cloud-native endpoint security software that is designed to detect malicious behavior and to help prevent malicious files from attacking an organization. The company leverages technology known as the Predictive Security Cloud (PSC), a big data and analytics cloud platform that analyzes customers’ unfiltered data for threats.

Kiteworks, formerly known as Accellion, Inc., is an American technology company that secures sensitive content communications over channels such as email, file share, file transfer, managed file transfer, web forms, and application programming interfaces. The company was founded in 1999 in Singapore and is now based in San Mateo, California.

Pivotal Software, Inc. was an American multinational software and services company based in San Francisco that provided cloud platform hosting and consulting services. Since November 2023, Pivotal has been part of Broadcom.

<span class="mw-page-title-main">Netwrix</span>

Netwrix is a Frisco, Texas–based private IT security software company that develops software to help companies identify and secure sensitive data and assist with compliance auditing. After eight acquisitions the company's team geographically expanded to Latin America, UK, Germany, France, Asia, US as well as other countries. The company's flagship products are Netwrix Auditor and Netwrix Enterprise Auditor that help information security and governance professionals manage sensitive, regulated and business-critical data.

Lastline, Inc. is an American cyber security company and breach detection platform provider based in Redwood City, California. The company offers network-based security breach detection and other security services that combat malware used by advanced persistent threat (APT) groups for businesses, government organizations and other security service providers. Lastline has offices in North America, Europe, and Asia.

SafeBreach is a cybersecurity company based in Sunnyvale, California and Tel Aviv, Israel. The company has developed a platform that simulates hacker breach methods, running continuous "war games" to identify breach scenarios across network systems. SafeBreach is a pioneer in the emerging category of breach and attack simulation. The company's platform provides a “hacker's view” of an enterprise’s security posture to predict attacks, validate security controls and improve SOC analyst response. SafeBreach is funded by Sequoia Capital, Hewlett-Packard pathfinder, Deutsche Telekom Capital Partners and others.

<span class="mw-page-title-main">Anomali</span> American cybersecurity company

Anomali Inc. is an American cybersecurity company that develops and provides threat intelligence products. In 2023, the company moved into providing security analytics powered by artificial intelligence (AI).

Perimeter 81 is an Israeli cloud and network security company that develops secure remote networks, based on the zero trust architecture, for organizations. Its technology replaces legacy security appliances like VPNs and firewalls.

Zscaler, Inc. is an American cloud security company based in San Jose, California. The company offers cloud-based services to protect enterprise networks and data.

JumpCloud is an American enterprise software company headquartered in Louisville, Colorado. The company was formally launched in 2013 at TechCrunch Disrupt Battlefield with its announcement of an automated server management tool. JumpCloud's offers a cloud-based directory platform for identity management.

Snyk Limited is a developer-oriented cybersecurity company, specializing in securing custom developed code, open-source dependencies and cloud infrastructure. It was founded in 2015 out of London and Tel Aviv and is headquartered in Boston.

References

  1. "Pentera Launches The Industry's First Unified Testing Platform". ITsecurity Demand. 2022-02-11. Retrieved 2023-11-27.
  2. Martin, Noga. "Pcysys rebrands as Pentera, unveils automated attack module". www.israelhayom.com. Retrieved 2023-12-20.
  3. 1 2 "Pentera ups ante in penetration testing | Computer Weekly". ComputerWeekly.com. Retrieved 2023-11-27.
  4. "Netpoleon partners with Pentera for APAC". www.arnnet.com.au. Retrieved 2023-11-27.
  5. 1 2 Ravet, Hagar (2019-11-13). "Cybersecurity Startup Pcysys Raises $10 Million". CTECH - www.calcalistech.com. Retrieved 2023-11-27.
  6. 1 2 "Pcysys raises $25 million for automated cybersecurity testing". VentureBeat. 2020-09-09. Retrieved 2023-11-27.
  7. "Pentera: מגינים על העולם, נשארים בישראל". TheMarker. Retrieved 2023-11-27.
  8. "Israeli cybersecurity co Pcysys raises $25m". Globes. 2020-09-09. Retrieved 2023-11-27.
  9. "Penetration testing startup Pcysys raises $25M to develop its technology". SiliconANGLE. 2020-09-09. Retrieved 2023-11-27.
  10. Hu, Krystal (2022-01-11). "Israeli security startup Pentera raises $150 mln in funding round, eyes IPO". Reuters. Retrieved 2023-11-27.
  11. Orbach, Meir (2022-01-11). "Pentera becomes Israel's latest cybersecurity unicorn with $150 million Series C". CTECH - www.calcalistech.com. Retrieved 2023-11-27.
  12. "Pentera Redefines Cybersecurity Market with Unified Testing Platform – AI-TechPark". 2022-01-24. Retrieved 2023-11-27.
  13. "Pentera redefines the cybersecurity validation market with the industry's first unified testing platform for insider and outsider threats". ITSecurityWire. 2022-01-24. Retrieved 2023-11-27.
  14. "Arik Liberzon, Pentera: "we must ensure that security is proactive and preventative and not simply responsive"". cybernews.com. 2023-11-15. Retrieved 2023-11-27.
  15. "Pentera Redefines Cybersecurity Market with Unified Testing Platform - AI-TechPark". 2022-01-24. Retrieved 2023-12-20.
  16. "Pentera redefines the cybersecurity validation market with the industry's first unified testing platform for insider and outsider threats". ITSecurityWire. 2022-01-24. Retrieved 2023-12-20.
  17. "Pentera Launches The Industry's First Unified Testing Platform". ITsecurity Demand. 2022-02-11. Retrieved 2023-12-20.
  18. "Pentera ups ante in penetration testing | Computer Weekly". ComputerWeekly.com. Retrieved 2023-12-20.
  19. "Pentera Cloud empowers security teams to reduce exposure to cloud-native attacks". Help Net Security. 2024-03-06. Retrieved 2024-08-28.
  20. Noga, Martin. "Pcysys rebrands as Pentera, unveils automated attack module". www.israelhayom.com. Retrieved 2023-12-20.
  21. "Fast Company Names Pentera In Top 10 Most Innovative Security Companies for 2023". Yahoo Finance. 2023-03-13. Retrieved 2023-12-20.
  22. "Arik Liberzon, Pentera: "we must ensure that security is proactive and preventative and not simply responsive"". Cybernews.
  23. Kovacs, Eduard (12 August 2022). "Black Hat USA 2022 – Announcements Summary".
  24. Noga, Martin (2021-06-16). "Pcysys rebrands as Pentera, unveils automated attack module". www.israelhayom.com. Retrieved 2023-11-27.
  25. Shemer, Simona (2022-06-12). "Israeli Cybersecurity Firm Pentera Launches Cyber Research Arm". NoCamels. Retrieved 2023-11-27.
  26. Kovacs, Eduard (2022-03-29). "VMware vCenter Server Vulnerability Can Facilitate Attacks on Many Organizations". SecurityWeek. Retrieved 2023-11-27.
  27. "New PsExec spinoff lets hackers bypass network security defenses". BleepingComputer. Retrieved 2023-11-27.
  28. "Who Stole My Cookies? XSS Vulnerability in Azure | CSA". Cloud Security Alliance. Retrieved 2023-12-26.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.