Debuts to Manage Attack Surface


By: Mary Jander

Intrigue Corp., a cybersecurity startup in Austin, Texas, has scored $2 million in seed funding led by LiveOak Venture Partners to develop a solution it claims accelerates the protection of an organization’s Internet-facing assets.

Intrigue emerged in 2019, based on the work of founder and CEO Jonathan Cran. The funding will be used for further product development and marketing of the company’s flagship, a hosted service — also called Intrigue — that is based on open-source software and modeled on a concept called attack surface management.

As the name implies, attack surface management is the process of automatically discovering all of an organization’s Internet-facing assets, then identifying misconfigurations, vulnerabilities, and external threats associated with them.

“Intrigue began with the idea that security teams must be able to scale to enable innovation while also managing an ever-growing and changing attack surface. To do this well requires deep visibility of assets and awareness of their exposure to threat actors,” said CEO Cran in a prepared statement.

Intrigue Claims a Detailed View

Cran said he got the idea for Intrigue while working as an expert in penetration testing. His idea was to build a framework incorporating the many open-source intelligence (OSINT) tools available, such as Maltego and Metasploit. His work became focused on creating an open-source Intrigue Core and evolved into what Cran has called “a generalized automation workflow framework.”

Intrigue Core obtains attack surface information using Intrigue Ident, a library of fingerprinting solutions — programs created to obtain specific information about an endpoint, host, or asset by scrutinizing its packet flows, addressing information, and related items. That information is normalized in a graph database that depicts relationships among network hosts, domains, web applications, cloud applications, network services, and certificates. This information can be used to find misconfigurations and to match various entities with known vulnerabilities.

Lots of Competition

Intrigue will need all the resources it can muster to make a go of it in its particular niche of the highly competitive cybersecurity market. Attack surface management solutions proliferate in open-source software. Commercial solutions are offered by large vendors such as Palo Alto Networks (PANW), McAfee (MCFE), and FireEye (FEYE), as well as many small firms, including Censys and Balbix. And many of the Futuriom 40, including Exabeam, Firemon, Fivetran, HashiCorp, and TrueFort are similar to Intrigue in offering key elements of a cybersecurity strategy. Eventually, these kinds of solutions may find their way into mergers with larger players, particularly given that security is a driving force in trends such as multi-cloud-networking.

Cran is confident that Intrigue can distinguish itself through automation features, comprehensiveness of attack surface discovery, and openness to improvements and innovations from the developer community.

“While there are many that claim to provide visibility of assets and exposures that matter, Intrigue actually delivers on the promise,” he claims in a statement. Armed with fresh backing and a specific plan, this company could be one to watch.