What tools/services do you use for CTEM (continuous threat exposure management)?
Sort by:
CTEM cannot be covered by a tool itself as it is a framework. I have used in the past XM Cyber and Teanable.
Interpres is also a really good CTEM tool. It integrates tightly with MDR, Pen Testing services also (the vendor has both). A lot of pure play CTEM vendors only have the CTEM component not the services component.
We use several CTEM tools, but Ionix is our main platform. It quickly discovers assets, validates findings and ranks risks, helping us prioritize remediation.
Might not be what you define as CTEM, but we use BitSight for monitoring our external attack surface. It finds assets we might not see with scanners. Qualys has a module called Threat Protect that is good for surfacing what to work on.
We rely on tools like Pentera Surface, Qualys, Wiz, and RiskRecon, among others, to pinpoint vulnerabilities that represent actual threats to the business.