Attack Surface Management
,
Next-Generation Technologies & Secure Development
,
Security Operations
Expanded Attack Surface Management Prowess Fuels Real-Time Vulnerability Validation

Searchlight Cyber purchased an Australian attack surface management startup led by a former Trustwave director to provide actionable security intelligence through active vulnerability testing.
See Also: Cloud Security and the Evolving Role of the Firewall
The Portsmouth, England-based threat intelligence vendor said its acquisition of Brisbane, Australia-based Assetnote will help with actively testing vulnerabilities, reducing false positives and improving security teams’ efficiency. The deal will give customers deeper security context while helping security teams prioritize and mitigate risks more effectively, said co-founder and CEO Ben Jones.
“Our technology road map was already growing into the direction of attack surface management, and we came across Assetnote as a business and realized that what they built was market-leading,” Jones told Information Security Media Group. “So rather than going out and building another product to fill the area, we’d actually be better off buying a company that already did that.”
Assetnote, founded in 2018, employs fewer than 20 people and hasn’t raised any outside funding. The company has been led since its inception by Michael Gianarakis, who previously led Trustwave’s SpiderLabs threat research arm in Asia-Pacific, served as a senior analyst at Deloitte, where he focused on security and resilience, and worked as a senior consultant at Ernst & Young.
Searchlight traditionally focused on threat intelligence while Assetnote handled technical vulnerability management, and Jones said bringing the two together will enable a more comprehensive solution. The combined capabilities will give organizations better insights into their attack surfaces while integrating actionable threat intelligence, Jones said (see: European Police Make Headway Against Darknet Drug Markets).
How Attack Surface Management Complements Threat Intel
Threat intelligence provides valuable insights into the tactics and tools used by cyberattacks, while attack surface management focuses on identifying and securing vulnerabilities, Jones said. These two areas naturally complement each other, with ASM tools benefiting from contextual threat intelligence to prioritize vulnerabilities as well as threat intelligence becoming more actionable when paired with ASM.
“Threat intelligence helps provide context for vulnerabilities – so if you have 10 things to look at, it helps you determine which one to address first,” Jones said. “Assetnote customers were asking for more threat intelligence context, and our customers were asking for more actionable insights. The two spaces naturally converge.”
He said Searchlight’s investors played an important role in identifying Assetnote as a strong potential acquisition target by evaluating Assetnote’s capabilities by running the software internally and coming away impressed with its findings. The effectiveness of the technology convinced Searchlight that acquiring Assetnote would be a better option than developing an ASM product in house, Jones said.
“We were working with our investors, who have a broad reach in terms of the companies that they know, and we described to them the sorts of things that we were looking at,” he said. “So, they helped us out. And then we actually tried Assetnote’s product across our own systems, and some of the stuff that they found was really intriguing, and so that’s what then piqued our interest further.”
One of the major challenges in attack surface management is the high volume of false positives due to many tools relying on passive data feeds combined with vulnerability databases. But instead of merely flagging a potential issue, Jones said Assetnote’s technology verifies whether the vulnerability is truly exploitable, which significantly reduces false positives and ensures security teams focus on real threats.
“One of the problems within this space is the signal-to-noise ratio. A lot of products just take in a feed from Shodan or other sources and overlay CVE data, but it’s all passive,” Jones said. “The unique thing about Assetnote is that they actually build payloads that go in and test vulnerabilities. If their platform shows something as a threat, it’s a genuine threat and it’s something you need to address.”
How Searchlight Cyber, Assetnote Will Come Together
The first integration priority is to provide immediate cross-platform access so customers of both companies will be able to use each other’s platforms, Jones said. From there, the company will implement single sign-on across both platforms and introduce deeper technical integrations. Eventually, the goal is to create a unified user interface that integrates the best elements of both platforms.
“Our existing customers on both sides will get access to the other platform almost immediately,” Jones said. “One of the first things to make that go smoothly is having single sign-on, which we expect to roll out shortly. Over the next year, we’ll integrate at a deeper platform level, so users can navigate seamlessly between modules.”
Both Assetnote CEO Gianarakis and CTO Shubham Shah will stay with Searchlight, with Gianarakis taking on the leadership role for Searchlight’s ASM platform while Shah continues to lead research and engineering efforts in Australia. Shah is particularly well known in the bug bounty and ethical hacking community, and Jones said his expertise will help Searchlight stay at the forefront.
“He’s a minor celebrity within those circles, and the skill set that he brings to the business as a whole is really powerful and helps elevate us into that the position that would have taken us a long time to have built up organically within the organization,” Jones said.
He said the success of the Vulcan Cyber acquisition will be measured by maintaining annual growth rates of nearly 100% and increased cross-sell and upsell opportunities as existing clients of each company adopt the other’s product. Searchlight also wants to ensure existing customers find additional value from the integrated solution and continue to invest in R&D to maintain market leadership, Jones said.
“We’re going to continue making sure that the products are the best they can be, and we continue to be the leaders in this space,” Jones said. “So that will be the main things which we’ll be focusing on, and everything else will just fall in line for us.”