Media & telecom
Case study · Incenter · continuous

Hackers are fast. Be faster.

Cox Enterprises runs Incenter across a footprint serving 6.5M homes and businesses — 480K endpoints tested continuously, complex control bypasses and several zero-days surfaced, findings reported as discovered.

480K
endpoints tested continuously
Company
Cox Enterprises Inc
Sector
Media & telecom
Revenue
$19.2B
Employees
50,000
Footprint
6.5M homes & businesses
Engagement
Continuous · Incenter

The problem with a footprint this big

Cyber attacks against the media and telecommunications industry are on the rise. Few know it better than Cox Enterprises — the largest private broadband company in America, serving more than 6.5 million homes and businesses, and operating across media sectors (it recently acquired Axios to expand further).

The trouble with a footprint that large is identifying every exposure an attacker could exploit — and working out which ones pose the biggest risk and should be dealt with quickly.

Roving guards, not a yearly snapshot

David McLeod, VP and Chief Information Security Officer at Cox, relies on OSec’s Incenter platform for continuous assessment, to keep up with the exposures adversaries will seek as a way in. By combining machine-learning algorithms with the experience of seasoned professional hackers, Incenter surfaces the deluge of technical and security vulnerabilities hidden within a corporate network. In one project alone, Incenter tested more than 480,000 endpoints while running ongoing tests against a range of critical applications.

“Hackers are fast, so you must be faster. Incenter becomes the digital machine-learning equivalent of roving guards.”
David McLeod · VP / CISO, Cox Enterprises

Through the dashboard, verifiable and actionable information gives C-level executives the business context and associated risk they need to make decisions — while security engineers fix vulnerabilities in real time, for real-world benefit.

Point-in-time · once a yearexposed between snapshots →Continuous · Incenter480K endpoints, tested as the surface changes
Swipe to explore →
A yearly test is stale before it’s written. Continuous testing closes the gap between “tested” and “true.”

Why point-in-time isn’t enough

Traditional pen testing remains a useful tool; how useful depends on the organization, its objectives and its threat landscape. For those operating in frequently targeted sectors, point-in-time testing may not be adequate. Palo Alto’s Unit 42 found, in its 2022 Incident Response Report, that attackers typically start scanning for vulnerable systems 15 minutes after a vulnerability is publicly disclosed.

That’s why companies like Cox take a continuous, proactive approach. During a recent national election, there were threats of ransomware attacks on radio stations to take control of broadcasts with anti-candidate sentiments — and on-air personalities are regular targets. Incenter identifies the attack surface, surfaces complex issues (through a combination of automated testing and human experts) and drives remediation before issues can be exploited. It happens on an ongoing basis: issues are reported as they’re discovered, with no need to wait for an end-of-engagement report.

“The platform’s value is that it assists my team in understanding our real-time posture. It simplifies complex data.”
David McLeod · VP / CISO, Cox Enterprises

What continuous testing surfaced

Incenter has identified a range of exposures across the Cox environment, many of which could only be uncovered through combined automated and expert testing. That included complex bypasses for certain security controls and several zero-day vulnerabilities. In every case, remediation guidance was provided and issues were re-tested as required.

With continuous testing, clients like McLeod can grow capability without growing tools and staff. As the platform evolves, more security services are ingested — today it combines penetration testing, attack-surface management, threat intelligence and automated testing — leaving security teams with a single source of truth on the exposures they need to worry about most, the impact they could have, and how to fix them.

See how we’d test you