Darktrace and HackerOne partnered to combine Darktrace PREVENT/Attack Surface Management™ technology with the continuous security assessment capabilities of the HackerOne platform. The partnership expands HackerOne's OpenASM initiative and delivers on a shared vision with Darktrace to help organizations secure their digital estate through leading technology and a community of ethical hackers. HackerOne recognized the need for an ASM partner that could enhance the asset discovery and reconnaissance efforts of HackerOne's community of hackers.
After an extensive technology evaluation, it selected PREVENT/ASM™, a set of AI-powered capabilities that perform reconnaissance on a target attack surface simply by knowing the name of an organization or brand and identifying threats external to that target. The combination of AI and security expertise will deliver continuous insight and help organizations find and eliminate blind spots across their digital landscape before attackers can exploit them. To assure ongoing security improvement, Darktrace and HackerOne will collaborate to train hackers on ASM best practices as they find, enrich, and risk rank assets.
The Darktrace and HackerOne partnership helps organizations close their security gap. Organizations face challenges with an attack resistance gap between known digital assets and those they need to protect. According to The 2022 Attack Resistance Management Report, one-third of organizations said they monitor less than 75% of their attack surface, and almost 20% believe that over half of their attack surface is unknown or not observable.
In June, HackerOne launched OpenASM, an initiative that empowers organizations to combine external scan data from ASM products with HackerOne's proactive security testing capabilities to gain a comprehensive understanding of attack surface risks. As an early champion of OpenASM, Darktrace assures that customers can quickly gain visibility of their external assets, while hacker expertise provides targeted testing and data enrichment to address the most critical risks to their organization.