| Developers: | BI.Zone (Safe Information Zone, Bison) |
| Date of the premiere of the system: | 2019/10/29 |
| Last Release Date: | 2025/10/14 |
| Technology: | TMS - Test Management System, Information and Events Management (SIEM) |
Main article: Security Information and Event Management (SIEM)
The BI.ZONE CPT (Continuous Penetration Testing) solution is designed to continuously monitor the security of a company's external IT perimeter. It reduces the lifespan of vulnerabilities through deep analysis of external infrastructure. BI.ZONE CPT regularly monitors changes at the perimeter of the company and its branches, and also provides information about existing vulnerabilities already verified by BI.ZONE experts.
2025: Adding an EPSS metric to prioritize vulnerabilities
An EPSS metric has been added to BI.ZONE CPT to prioritize vulnerabilities. With its help, organizations will be able to identify the vulnerabilities that are most dangerous for them and need to be fixed first. This was reported on October 14, 2025 by BI.ZONE.
According to a Threat Zone 2025 study, 13% of attacks on organizations in Russia and other CIS countries begin by exploiting vulnerabilities in public applications. However, according to BI.ZONE Threat Intelligence data, attackers use less than 1% of all detected holes for real attacks. Thus, finding and eliminating the most dangerous vulnerabilities, the ones attackers are most likely to try to exploit, becomes a priority for building an organization's cyber defense.
The CVSS (Common Vulnerability Scoring System) metric alone is not enough for this process, since it focuses on the severity of the discovered flaw but does not show how actively attackers are using it. The EPSS (Exploit Prediction Scoring System) metric completes the picture by showing how likely attackers are to exploit the vulnerability over the next 30 days.
To work with the EPSS metric correctly, BI.ZONE experts recommend starting with the following thresholds and then, if necessary, adjusting them depending on the tasks and processes of a particular organization:
- EPSS below 0.3: the vulnerability is not a priority for elimination, the risk level is low.
- EPSS 0.3-0.7: medium risk level and medium priority for elimination.
- EPSS above 0.7: the vulnerability must be eliminated first, a high level of risk is associated with it.
BI.ZONE previously reported attacks by the Paper Werewolf spy cluster that exploited vulnerabilities in the popular WinRAR archiver. Presumably, attackers acquired an exploit for one of these vulnerabilities on a shadow forum for $80,000.
2021: Inclusion in the register of Russian software
On April 23, 2021, the digital risk strategic management company BI.Zone announced that a number of its products had been entered into the Unified Register of Russian Programs for Electronic Computers and Databases: BI.ZONE CPT, BI.ZONE CESP and BI.ZONE WAF.
| "We are proud that our products are the work of Russian developers. Including them in the register of domestic software will allow our customers to reduce costs, since the cost of such products will not include VAT in the amount of 20%. First of all, this is relevant for companies that need to use only Russian IT solutions," said Rustem Khayretdinov, BI.ZONE Growth Director. |
2020: Opening free access amid coronavirus epidemic
On March 23, 2020, Sberbank announced that its subsidiary BI.Zone had opened free access to cybersecurity services. Until July 1, 2020, any Russian company will be able to receive services to protect the corporate network and employees on remote access.
This decision was made due to the difficult situation in Russia and the world in connection with the spread of coronavirus infection. The COVID-19 virus has affected many countries and caused a surge in cybercrime. Over the past two months, more than 4,000 domains have been registered with the words "coronavirus", "covid", etc. At the same time, the number of phishing mailings increased by 30% compared to last quarter. About 20% of them contain information about the coronavirus.
Due to the difficult situation, organizations are moving employees to remote work en masse. With a hasty transition, the role of the human factor increases: unprotected or insecure services are often added to the perimeter of the corporate network. Some companies are forced to take such a step consciously in order to provide quarantined employees with access to resources. In the last week alone, among customers of BI.ZONE, the number of connections of public services for remote work has grown by 23%. This approach significantly increases the vulnerability of the corporate network to cyber attacks.
To support Russian business, from March 18, 2020, BI.ZONE opened free access to the following cloud services.
- Perimeter Scanner scans the external IT perimeter, searches for vulnerabilities in the network, automatically monitors open network ports and applications, and also allows you to track the connection of third-party services.
- Continuous Penetration Testing (CPT) provides continuous monitoring of the external IT perimeter through regular automated checks. The service is especially relevant for large corporations and will replace penetration testing services during the epidemic.
- Cloud Email Security & Protection (BI.ZONE CESP) protects the email service from phishing and spam, checks attachments for malicious links and software.
- Phish Zone simulates phishing attacks within the company and trains employees to identify malicious emails. BI.ZONE specialists have prepared a special scenario related to the coronavirus.
2019: Continuous Penetration Testing Service Launch
On October 29, 2019, BI.Zone announced the launch of the Continuous Penetration Testing (CPT) service, designed to significantly increase customers' protection against external cyber attacks.
Penetration testing has long been an important tool in the arsenal of cybersecurity specialists. Using various methods, experts simulate the actions of attackers trying to attack an organization, and thus identify most of the weak points in the client's protection. Testing is usually done once a year or once a quarter, and a variety of changes can occur between tests. Sometimes they affect the organization's security in unpredictable ways and are discovered, at best, during the next test. To solve this problem, BI.ZONE has developed a service that takes a different approach to protecting the external perimeter. Within CPT, many operations are automated, and the customer's security is continuously tested. This makes it possible to quickly find and eliminate newly emerging vulnerabilities. In addition, CPT includes expert work by analysts, and a number of additional options can be enabled at the customer's request.
| "Despite the fact that the methodology for building an external IT infrastructure has changed a lot in recent years, the protection of this segment remains a mandatory element of the cybersecurity of any organization. We offer a multi-layered approach to protecting your company from external threats. As part of the service, we maximally automated the work that previously required the formation of a separate expert team. At the same time, client costs are reduced, and the time for closing vulnerabilities is reduced. It is worth noting separately that with infrastructure changes in the organization, you do not need to repeat the classic penetration testing," says Evgeny Voloshin, director of the expert services block of BI.ZONE. |
According to BI.ZONE, employees of Russian companies regularly become victims of phishing and open emails with malicious attachments disguised as correspondence from counterparties and colleagues. Every year, messages from intruders become more difficult to distinguish from real emails, and 3 out of 10 employees are vulnerable to phishing. To check the effectiveness of the customer's internal security team, as well as to teach staff how to recognize and handle malicious messages, BI.ZONE experts suggest enabling an additional automated CPT option: training phishing emails and simulation of targeted hacker attacks.
Another way to increase the security of the company, which is available in CPT as an additional service, is automated load testing. During it, the service simulates an attack from the outside in controlled mode, the purpose of which is to overload the organization's applications with requests and disrupt their work. This allows you to find weaknesses in the application architecture and fix problems in advance in order to ensure the availability of enterprise services in the event of a real attack.
