Press Release

Coalfire Launches Risk-Based Attack Surface Management Solution

April 29, 2021

Breakthrough tech-enabled platform provides a continuous approach to offensive security

WESTMINSTER, CO – April 29, 2021 – With its recent acquisition of Neuralys, a cloud-based penetration testing management platform, today Coalfire launched its Attack Surface Management (ASM) solution to enhance the company’s growing offensive security portfolio. ASM complements the company’s 20-year risk management heritage by automating asset discovery, testing, remediation, and reporting across today’s expanding attack surfaces. 

“Cloud and application development is accelerating the need to move beyond traditional point-in-time testing,” said Mark Carney, chief operating officer of Coalfire. “Our continuous attack surface management capabilities are now mission-critical to manage clients’ operations and business risk. As one of the largest penetration testing groups in the world, Coalfire is taking our offensive security capabilities to the next level with our tech-enabled ASM solution.” 

The addition of Coalfire’s ASM solution expands the company’s adversary ops services portfolio, encompassing cloud and application pen testing, threat and vulnerability management program development, and physical red team exercises. 

“ASM represents ‘pen testing 2.0’ and our relentless dedication to risk management,” said Martin Sajon, executive advisor for threat and vulnerability management. “This new platform meets the challenge of today’s hyperscale, multi-cloud computing environments with continuous attack surface testing, streamlined managed services, and real-time executive dashboard visibility.” 

ASM delivers ongoing adversarial validation of clients’ offensive controls, turning what was once a manual process into a dynamic, digital experience. Coalfire’s proprietary methodology powered by the ASM platform provides value across the end-to-end process, spanning:

  • Discovery - Continuous identification of cloud and internet-facing assets
  • Management - Manage discovered assets for visibility, classification, and ownership
  • Validation - Automate and verify attack surface security postures
  • Prioritization - Aggregate and prioritize vulnerabilities and assets
  • Tracking - Monitor and report on changes, remediation, and ownership

“As the world’s digital footprint grows in size and complexity, closing the gaps between detection and response drives the mission,” said Carney. “A continuous attack surface assessment approach, paired with traditional physical offensive testing, keeps our clients ahead of highly motivated adversaries by identifying threats, aggregating vulnerabilities, eliminating false positives, and testing continuously. When it comes to managing security controls and rapid response, you can’t protect what you don’t know in today’s dynamic threat landscape.” 

With the Neuralys platform acquisition, Coalfire’s elite team and advanced, 
open-source security tools enable a comprehensive suite of offensive security services. These range from ongoing pen testing with the largest cloud service providers, to embedded testing and IoT assessments, to red team exercises designed to assess the overall security posture and an organization’s ability to respond to cyberattacks. 

“Our clients share the common challenge of gaining visibility into the expanding attack surface resulting from dispersed operations, remote workers, shadow IT, the rise of cloud consumption, and the rapidly changing digital world we live in today,” said Sajon. “By combining dynamic attack surface testing, best-in-class tools, and the most realistic simulations with the most experienced team in the world, Coalfire is proud to set the new standard in cloud and application security tradecraft.”


About Coalfire 

Leading cloud infrastructure providers, SaaS providers, and enterprises turn to Coalfire for help solving their toughest cybersecurity problems. Through the combination of extensive cloud expertise, technology, and innovative and holistic approaches, Coalfire empowers clients to achieve their business objectives, use security and compliance to their advantage, and fuel their continued success. Coalfire has been a cybersecurity thought leader for 20 years and has offices throughout the United States and Europe. For more information, visit


For media inquiries:
Mike Gallo
(212) 239-8594