Randori Principal Scientist Aaron Portnoy Answers: Why Randori?

Aaron Portnoy

I’ve been at Randori for nearly a year, and the work we are doing has only become more germane to the evolving threat landscape. Defenders are increasingly grappling with the challenges of a remote workforce, shadow IT, the rise of ransomware, and the sheer number of vulnerabilities—both known and unknown. It is safe to say that these trends will only increase, and organizations must adapt to defend their burgeoning attack surfaces successfully.

Finding and analyzing new ways to bypass security boundaries has always been my passion. In my twenty years of offensive vulnerability research, I’ve discovered, exploited, bought, and sold countless vulnerabilities. Some were disclosed, while others remain secret. These capabilities were once the exclusive province of select skilled hackers. Today, they are ubiquitous. 

From solo teenage hobbyists to well-funded organizations to nation-states, hacking has gone mainstream. To see how dramatically the landscape has changed, one only has to look at the number of CVEs granted for new vulnerabilities in 2020: over 18 thousand. In contrast, there were a mere 1,527 published in the year 2003 when I got my start. This exponential growth in capacity and the ever-increasing incentives for malicious actors have left companies more vulnerable than ever. It’s daunting, but it also creates an opportunity to re-think how blue teams mitigate risk.

Organizations trying to defend themselves must sift through significant noise to isolate actionable information pertinent to their specific environments. While defenders play whack-a-mole with the latest set of patches or mitigations, they contend with an attacker’s ability to narrowly focus on maximal impact vulnerabilities. This race favors people like myself, with experience in determining exploitability with a specific goal in mind (not simply by chasing bugs with high CVSS scores). Managing risk with such a deluge of information is a dynamic experience that leaves defenders with less time and fewer resources to devote to other facets of their security posture. 

Cue penetration testing engagements—while these exercises do yield benefits, they are temporary. They provide only a tiny snapshot of a vast and rapidly changing threat landscape where attackers have the luxury of waiting for an opportune moment to strike.

This goal, to improve the way blue teams defend by using the perspective of an authentic attacker, is why I believe in Randori. It’s a space where my experience is put to good use, and I can work with a team of seasoned attackers with a similar mindset. Here, rather than endlessly and indiscriminately presenting scan results of customer environments, we set sights on their crown jewels through the lens of a motivated attacker. Instead of waiting for a predetermined engagement time to validate security controls, the Randori platform continuously monitors changes. It highlights your weaknesses before a malicious actor can take advantage of them. 

Other solutions keep you subjugated to the vulnerability-du-jour or reliant on an annual snapshot of your security posture. In both cases, they leave you scrambling and implementing reactive defensive strategies. Randori enables you to become proactive and practice how you fight to stay one step ahead of attackers.