Halo Security launches attack surface management platform to protect data from external attackers

TrustedSite has launched Halo Security at Black Hat USA 2022. The company’s attack surface management platform combines external asset risk and vulnerability assessment, and penetration testing services to provide organizations complete visibility into the risk posture of their internet-exposed assets on an on-going basis.

Led by experienced penetration testers, scanning leaders and reformed hackers, Halo Security brings the attacker’s perspective to the modern organization with a mission to help organizations protect data from external attackers and build trust with their customers.

Halo Security comes out of stealth having already helped organizations identify and monitor all their internet-facing assets across clouds and service providers; detect risks and security posture improvements by way of vulnerability scanning, application testing, and manual penetration testing; and organize their data for smarter remediation with Halo Security’s all-in-one solution for attack surface management.

You can’t protect what you don’t see, and Halo Security’s agentless and recursive discovery engine discovers the assets you’re not aware of, so you can prioritize your efforts from a single pane of glass.

Halo Security was founded by veterans of industry leaders, like Intel and McAfee, who set out on a mission to help organizations understand and reduce digital risk. In 2002, they created one of the world’s first commercial website and web application vulnerability scanners, ScanAlert. Halo Security has provided security services to over 8,000 clients since it began in 2013, working under the McAfee umbrella until 2021.

“There’s a reason Gartner and others are sounding the alarm about the need for attack surface management tools,” said Halo Security founder and CEO, Tim Dowling.

“Existing cybersecurity technologies on the market leave blind spots and thousands of organizations are suffering from a lack of visibility when it comes to their total attack surface, leaving the door open for malicious actors to compromise data and demand ransoms. Halo Security combines advanced asset discovery and monitoring technology with best-in-class manual and automated security testing capabilities to give organizations a complete view of their external risk.”, Dowling continued.

Halo Security’s penetration testers boast OSCP (Offensive Security Certified Professional) and OSCE (Offensive Security Certified Expert) certifications and have provided testing for some of the largest organizations in the world. Halo Security is an Approved Scanning Vendor authorized by the PCI Security Standards Council, and the company’s founders hold patents for multiple security scanning technologies.

Halo Security is rolling out a new free tool to audit the security controls of any website. The new Halo Security Site Scan service audits the certificates, headers, scripts, forms and technologies in use on any website and provides best practice recommendations for proactively improving its security posture.