Orange Cyberdefense, a global leader in cybersecurity services, has launched ActiveWatch, a groundbreaking solution that merges continuous attack surface discovery and penetration testing of internet-facing systems and applications to deliver only qualified, high-risk alerts on exploitable vulnerabilities that could compromise an organisation.
Security, infrastructure, and cloud teams are consistently under pressure to manage an ever-growing, ever-changing attack surface as IT environments become more complex and distributed.
Vulnerability scanning offers comprehensive surfacing of any potential issues in an environment without always having a realistic risk or security implication attached to it.
Penetration testing while a highly effective and targeted exercise, is costly and therefore does not scale.
The only way to cost-effectively perform continuous pentesting is to have the ability to continuously monitor and analyse the attack surface to prioritise risk mitigation.
Bridging the gap between scanning and penetration testing
ActiveWatch eliminates this compromise between scanning and pentesting by integrating both methodologies, ensuring continuous attack surface monitoring.
“ActiveWatch bridges this critical gap by employing a suite of scanners – both open source and custom – in an effective workflow that detects early signals and indicators that seasoned hackers recognise as precursors to deeper vulnerabilities,” says Orange Cyberdefense CTO Leon Jacobs.
“Upon detecting these signals, our expert team conducts manual verification and investigation, avoiding false positives and delivering high-quality, impactful alerts.”
By combining advanced automated scanning with the expertise of seasoned penetration testers, ActiveWatch ensures organisations receive high-quality, actionable alerts with zero false positives while closing critical security gaps that leave them vulnerable to attackers.
ActiveWatch delivers structured, high-quality vulnerability assessments conducted by trained professionals. Each identified signal undergoes thorough analysis, ensuring organisations receive only validated, relevant alerts.
“If you hear from us, it’s likely that we’ve discovered a seriously dangerous vulnerability or attack path that needs urgent remediation,” Jacobs explains.
Five key differentiators
- Continuous reconnaissance mode – Ongoing monitoring and discovery of external attack surfaces, spotting obscure risks that might be missed, including those exposed by shadow IT.
- Laser-focused alerts – Unlike conventional scanners that generate floods of information, ActiveWatch prioritises real, hacker-validated threats, ensuring security teams focus on effective risk mitigation.
- Human intelligence + smart technology – Ethical hackers utilise multiple scanning sources and workflows to analyse findings, delivering high-quality, demonstrable, and reproducible reports.
- The crowd effect – The more scanning data at hand, the more one can correlate across multiple clients, providing compounding security benefits.
- Constant evolution – ActiveWatch detection capabilities are based on new research from both the industry and Orange Cyberdefense, plus penetration testing insights from traditional engagements, ensuring adaptation to growing threats.
Market validation and timing
The need for continuous and proactive monitoring has never been greater. The Forrester Wave: Attack Surface Management Solutions, Q3 2024 report underscores the importance of comprehensive attack surface visibility for effective exposure management.
It highlights that organisations must combine internal and external asset visibility to strengthen their cybersecurity strategy, along with continuous penetration testing of any identified attack surface.
Simple setup, maximum impact
Setting up ActiveWatch is simple and flexible. Organisations provide an inventory of their internet-facing infrastructure, including domains, hostnames, IP addresses, and brand-related information – anything an external attacker would find interesting.
Operationally, no access needs to be provisioned, nor do any agents need to be installed, making it extremely lightweight and low-effort for clients to activate. ActiveWatch takes the perspective of a motivated external attacker.
Uniquely, ActiveWatch doesn’t charge per-host or per-application, encouraging broad-based attack surface management while remaining highly cost-effective and scalable. Once initial test scans confirm stability, continuous monitoring begins, allowing ActiveWatch to adapt dynamically to evolving threats.
“ActiveWatch is designed to evolve alongside your organisation. Its flexible workflow continuously maps and monitors your external attack surface, while the Orange Cyberdefense SensePost Team constantly updates detection capabilities based on real-world threats. This ensures organisations aren’t just addressing today’s security challenges but are also prepared for future threats,” Jacobs concludes.
