Open Nav
Sign Up

Gartner SecOps Hype Cycle Highlights Continuous Expert-Level PTaaS Advantages

Roy Zinman

September 15, 2023

Recently, Gartner published the 2023 Hype Cycle for Security Operations.

Security operations technologies and services protect IT systems, cloud workloads, applications, and other digital assets from attack. They do this by identifying threats and vulnerabilities, and then taking steps to mitigate them. Security and risk management leaders use this Gartner research to develop and implement security strategies that are tailored to their needs.

As cloud architecture, open-source code and CI/CD evolve, this creates a larger attack surface and with it, a need for a more continuous, automated, and risk-based detection and management of vulnerabilities.  

In  their research, Gartner highlighted the concept of a CTEM program (Continuous Threat Exposure Management) as a key capability area which security and risk managers must include in their roadmaps. According to Gartner, “​​Exposure Management reduces the challenges organizations face inventorying, prioritizing and validating threat exposure that exist due to a rapidly expanding attack surface where traditional vulnerability management isn’t enough”. 

Gartner points out that siloing exposure activities such as penetration testing, threat intelligence management, and vulnerability scanning offers little to no awareness of the full scope of risks  the organization faces. Therefore, it is recommended to embrace a broader CTEM program, mobilizing the relevant organizational stakeholders, focusing on visibility and a risk-based, rapid response and reaction. 

Let’s see how adopting a continuous expert-level PTaaS solution aligns with Gartner’s recommendations for users:

  • When referring to Pen Testing as a Service (PTaaS), Gartner states that “PTaaS allows developers to talk to and receive guidance from pentesters instead of arguing with scanners”. A key feature of any PTaaS platform is a direct communication channel between developers and pentesters, enabling contextual discussions of vulnerability findings using the on-platform comments, and/or integrations with organizational productivity tools such as Slack, Teams and Jira.
  • Another driver for PTaaS according to the research is the limited in-house security expertise, which requires external assistance to meet compliance and risk objectives. In many cases this calls for using expert security researchers, as opposed to “typically vetted freelancers” which might provide variable quality results.
  • In the user recommendations section, the first advice is to create a mix of penetration testing, red team, automated testing and bug bounty / vulnerability disclosure program. It is better to get one vendor that can provide all of these, in order to get a comprehensive visibility.
  • Favor hybrid scanning models that combine human analysis and automation to increase both effectiveness and efficiency.
  • Select a PTaaS vendor that aligns with relevant compliance requirements, and not just focused on internet-facing infrastructure and applications. They also recommend Seek PTaaS vendors that provide customized and tailored guidance throughout the life cycle of their service to alleviate the security skills gap.

Finding such a mix of certified expert support, automated capabilities and an integrated platform is not easy, as many vendors lack at least one of these parameters. 

When referring to EASM (External Attack Surface Mapping) which applies to discovery & monitoring of internet-facing assets’ for exposures from an attacker’s perspective and immediate remediation, Gartner recommends considering available capabilities from converging markets and existing vendors, as security testing, threat intelligence and broad security platforms all offer viable EASM features. Gartner states concern over “Already overburdened vulnerability management (VM) capabilities and teams concerned about adding to workload” which means that you would prefer some kind of a managed triage for the EASM findings. 

Summary 

Gartner’s 2023 Hype Cycle for Security Operations highlights the need for a more continuous, automated, and risk-based detection and management of vulnerabilities. The research recommends that organizations adopt a CTEM program (Continuous Threat Exposure Management) to reduce the challenges of inventorying, prioritizing, and validating threat exposure. Gartner also recommends adopting a PTaaS (Penetration Testing as a Service) solution to allow developers to talk to and receive guidance from pentesters instead of arguing with scanners. Finally, Gartner recommends considering available EASM (External Attack Surface Mapping) capabilities from converging markets and existing vendors.

Here are some specific recommendations from Gartner:

  • Create a mix of penetration testing, red team, automated testing, and bug bounty / vulnerability disclosure program.
  • Favor hybrid scanning models that combine human analysis and automation.
  • Select a PTaaS vendor that aligns with relevant compliance requirements.
  • Seek PTaaS vendors that provide customized and tailored guidance throughout the life cycle of their service.
  • Consider available EASM capabilities from converging markets and existing vendors.

By following these recommendations, organizations can improve their security posture and mitigate the risks associated with a rapidly expanding attack surface.

About WASP

The WASP platform was built by OP Innovate to enable application security professionals to efficiently discover, assess, and manage their external and internal exposure

WASP combines advanced penetration testing, attack surface mapping, code analysis and contextual vulnerability prioritization, with remediation solutions that integrate with the DevSecOps pipeline to deliver a full life cycle of vulnerability visibility and control.

Continuous proactive testing

Manage the dynamic attack surface (external & internal)

Highly skilled and accredited team members (CREST, OffSec, etc) 

Respond to constantly emerging vulnerabilities and attack vectors 

Centralize multiple sources of vulnerabilities

Reduce the alert fatigue of false positives

See WASP solution overview

Resources highlights

Google Chrome Zero-Day Under Exploitation (CVE-2026-2441)

CVE-2026-2441 is a high-severity use-after-free vulnerability in Google Chrome that is actively exploited in the wild. This marks the first Chrome zero-day patched in 2026.…

Read more >

CVE-2026-2441

Actively Exploited BeyondTrust RCE (CVE-2026-1731)

CVE-2026-1731 is a critical remote code execution (RCE) vulnerability affecting BeyondTrust Remote Support and Privileged Remote Access solutions. The flaw is actively exploited in the…

Read more >

CVE-2026-1731

WPvivid Backup & Migration Critical RCE (CVE-2026-1357)

A critical vulnerability tracked as CVE-2026-1357 (CVSS 9.8) affects the WPvivid Backup & Migration WordPress plugin and can allow unauthenticated arbitrary file upload leading to…

Read more >

CVE-2026-1357

Malicious “AI Assistant” Chrome Extensions Stealing Credentials and Email Data

A malicious browser extension campaign dubbed AiFrame has been identified distributing fake AI assistant tools through the Chrome Web Store. At least 30 malicious extensions,…

Read more >

chrome extensions

CVE-2026-21509: Actively Exploited Microsoft Office Security Bypass

CVE-2026-21509 is a zero-day security feature bypass vulnerability in Microsoft Office that has been confirmed as actively exploited in the wild. The flaw allows adversaries…

Read more >

cve-2026-21509

Guidance to Address Ongoing Exploitation of Fortinet SSO Vulnerability (CVE-2026-24858)

CVE-2026-24858 is a critical authentication bypass in FortiCloud Single Sign-On (SSO) that can allow an attacker with a FortiCloud account and a registered device to…

Read more >

cve-2026-24858
Under Cyber Attack?

Fill out the form and we will contact you immediately.