Lasso Security
Lasso Security is an Israel-linked cybersecurity startup building an External Attack Surface Management (EASM) platform that continuously discovers and assesses an organization’s internet-exposed assets to reduce exploitable external exposure and speed remediation.
Visit WebsiteCompany Overview
Lasso Security positions itself in External Attack Surface Management (EASM): continuous identification of internet-facing domains, hosts, services, and cloud/SaaS exposures—then correlating findings to risk signals (e.g., vulnerable services, misconfigurations, exposed credentials/ports, certificate and DNS artifacts) to prioritize remediation. The core value proposition is reducing unknown/forgotten exposure created by shadow IT, subsidiaries, rapid cloud changes, and third-party integrations—areas that traditional internal asset inventories routinely miss.
Competitively, EASM has consolidated around large security platforms and well-funded specialists. The most relevant benchmark set includes Palo Alto Networks (Cortex Xpanse), Microsoft’s Defender EASM (RiskIQ lineage), CyCognito, and IBM Randori (ASM). Differentiation therefore must be demonstrated with specifics: discovery coverage/accuracy, noise reduction, attribution to business owners, remediation workflows, integration depth (SIEM/SOAR/ITSM), and evidence of repeatable enterprise sales motion.
For defense and national security, EASM is a legitimate dual-use capability when applied to unclassified external perimeters across ministries/agencies, defense industrial base suppliers, and critical infrastructure operators. Strategic value increases if the platform supports contractor ecosystem mapping, continuous monitoring for typosquatting/brand abuse and exposed remote access, and operational workflows compatible with regulated environments (auditability, role-based access, on-prem/segmented deployment options, and alignment with U.S. federal procurement requirements).
Dual-Use Assessment
Attack surface management has dual-use applications for protecting defense external assets. Military organizations with complex infrastructure across agencies and contractors require continuous discovery and security assessment of internet-facing systems to prevent adversarial reconnaissance and exploitation.
Key Technologies
- External Attack Surface Management (EASM) / External Exposure Management
- Continuous internet-scale asset discovery (DNS/cert telemetry/passive signals and/or active scanning)
- External vulnerability and configuration exposure assessment (service fingerprinting, misconfiguration detection)
- Risk scoring and prioritization (business context/ownership attribution, exploitability signals)
- Workflow integrations (ITSM/SIEM/SOAR) for remediation tracking and governance
- Third-party and subsidiary exposure mapping (supplier-facing external footprint correlation)
Use Cases & Applications
- Continuous discovery of unknown or unmanaged internet-facing assets across subsidiaries and cloud accounts
- External exposure reduction: identify vulnerable services/misconfigurations and drive prioritized remediation
- M&A / divestiture security baselining of acquired entities’ external footprint
- Defense industrial base monitoring: map and monitor contractor/supplier external exposure that increases systemic risk
- Critical infrastructure perimeter monitoring (utilities, ports, healthcare) for rapid detection of newly exposed services
- Brand and domain abuse monitoring (typosquatting, rogue subdomains) as an early indicator of intrusion campaigns
Strategic Value to U.S.-Israel Alliance
Lasso provides attack surface management capabilities essential for defense organizations maintaining visibility and security posture across complex external infrastructure.
Need a diligence readout?
Get in touch to discuss dual-use technology screening, government-market assessment, or strategic diligence.