Lasso Security
Lasso Security is an Israel-linked cybersecurity startup building an External Attack Surface Management (EASM) platform that continuously discovers and assesses an organization’s internet-exposed assets to reduce exploitable external exposure and speed remediation.
Visit WebsiteCompany Overview
Lasso Security positions itself in External Attack Surface Management (EASM): continuous identification of internet-facing domains, hosts, services, and cloud/SaaS exposures—then correlating findings to risk signals (e.g., vulnerable services, misconfigurations, exposed credentials/ports, certificate and DNS artifacts) to prioritize remediation. The core value proposition is reducing unknown/forgotten exposure created by shadow IT, subsidiaries, rapid cloud changes, and third-party integrations—areas that traditional internal asset inventories routinely miss.
Competitively, EASM has consolidated around large security platforms and well-funded specialists. The most relevant benchmark set includes Palo Alto Networks (Cortex Xpanse), Microsoft’s Defender EASM (RiskIQ lineage), CyCognito, and IBM Randori (ASM). Differentiation therefore must be demonstrated with specifics: discovery coverage/accuracy, noise reduction, attribution to business owners, remediation workflows, integration depth (SIEM/SOAR/ITSM), and evidence of repeatable enterprise sales motion.
For defense and national security, EASM is a legitimate dual-use capability when applied to unclassified external perimeters across ministries/agencies, defense industrial base suppliers, and critical infrastructure operators. Strategic value increases if the platform supports contractor ecosystem mapping, continuous monitoring for typosquatting/brand abuse and exposed remote access, and operational workflows compatible with regulated environments (auditability, role-based access, on-prem/segmented deployment options, and alignment with U.S. federal procurement requirements).
Dual-Use Assessment
Attack surface management has dual-use applications for protecting defense external assets. Military organizations with complex infrastructure across agencies and contractors require continuous discovery and security assessment of internet-facing systems to prevent adversarial reconnaissance and exploitation.
Key Technologies
- External Attack Surface Management (EASM) / External Exposure Management
- Continuous internet-scale asset discovery (DNS/cert telemetry/passive signals and/or active scanning)
- External vulnerability and configuration exposure assessment (service fingerprinting, misconfiguration detection)
- Risk scoring and prioritization (business context/ownership attribution, exploitability signals)
- Workflow integrations (ITSM/SIEM/SOAR) for remediation tracking and governance
- Third-party and subsidiary exposure mapping (supplier-facing external footprint correlation)
Use Cases & Applications
- Continuous discovery of unknown or unmanaged internet-facing assets across subsidiaries and cloud accounts
- External exposure reduction: identify vulnerable services/misconfigurations and drive prioritized remediation
- M&A / divestiture security baselining of acquired entities’ external footprint
- Defense industrial base monitoring: map and monitor contractor/supplier external exposure that increases systemic risk
- Critical infrastructure perimeter monitoring (utilities, ports, healthcare) for rapid detection of newly exposed services
- Brand and domain abuse monitoring (typosquatting, rogue subdomains) as an early indicator of intrusion campaigns
Strategic Value to U.S.-Israel Alliance
Lasso provides attack surface management capabilities essential for defense organizations maintaining visibility and security posture across complex external infrastructure.
Interested in this startup?
Learn more about our investment approach or get in touch to discuss opportunities in dual-use technology.