
New DivisionHex framework guides organizations through the Exposure Management journey, addressing industry gaps in strategy, process and governance
CHICAGO, Dec. 2, 2025 /PRNewswire/ -- Coalfire, an industry-leading cybersecurity services and solutions company, today announced an expanded Exposure Management offering that couples expert capabilities with a strategic framework for success. Exposure Management Services, a project of DivisionHex, Coalfire's elite offensive security division, empowers users with a threat-informed approach to uncover unknown assets, maximize discovery efforts and apply real-world threat intelligence to contextualize and prioritize risks.
Exposure management has emerged as a critical security priority over the past two years. However, unlike other areas of cybersecurity governed by frameworks from NIST or OWASP, exposure management lacks industry-standard definitions and maturity models, leaving security leaders without a clear roadmap for what good looks like.
DivisionHex has designed a phased approach that meets organizations wherever they are on their exposure management journey, with measurable milestones and alignment with real-world business risk.
Powered by Tenable One, DivisionHex's Exposure Management goes beyond simply delivering managed services and one-time assessments with:
- Threat-Informed Defense Methodology – Prioritization based on adversary TTPs tailored to each organization's threat landscape.
- Continuous Attack Surface Discovery – Real-time asset and exposure identification across cloud, on-premises and hybrid environments.
- Risk-Based Prioritization – Correlating vulnerabilities with active threat intelligence and operational criticality.
- Partnership-Driven Resilience – Long-term collaboration to strengthen client programs over time, not one-off assessments.
Charles Henderson, executive vice president and head of DivisionHex, Coalfire, said:
"Technology alone can't solve the exposure management challenge. Software vendors have focused too narrowly on detection, leaving customers overwhelmed by data and unclear on how to act. Our framework helps organizations bridge that gap by turning vast amounts of data into meaningful insights and action through better processes, smarter prioritization and faster remediation, empowering security teams to focus on problems before they become breaches."
Adam Kerns, managing principal, Cyber Security Services, Coalfire, said: "Organizations are drowning in vulnerability data without the context to act effectively. Tenable research shows traditional CVSS-only approaches create 10x more work than necessary and less than 3% of vulnerabilities are exploited, yet teams waste resources treating all CVEs equally. Our exposure management approach changes this by correlating vulnerabilities with active threat intelligence, exploitability and business impact – enabling security teams to focus on the exposures that actually matter to their organization."
Jeff Brooks, senior vice president, global channels & alliances, Tenable, said: "CISOs are shifting their mindset from emphasis on reactive firefighting to proactive fireproofing. Exposure management is a game-changer, enabling organizations to prevent breaches and reduce risk. We are thrilled to continue our partnership with Coalfire and help customers build robust exposure management programs to accurately prioritize and eliminate exposures based on the likelihood of attack."
For more information about Coalfire's Exposure Management solution, visit here.
Coalfire's DivisionHex is an elite cybersecurity service line launched in August 2025 that combines offensive hacking, defensive operations and managed security into one integrated offering. For organizations that have matured beyond basic compliance needs and are looking to level up to proactive threat-hunting, adversary simulation and resilient architecture, DivisionHex offers a partner that targets real-world threat scenarios rather than just checklists.
About Coalfire:
Coalfire, headquartered in Chicago, is a global services and solutions company that specializes in cyber advisory, assessment, and security. The company also develops cutting-edge technology platforms that automate defenses against security threats for the world's leading enterprises, cloud providers, and SaaS companies. Coalfire is the foremost provider of FedRAMP compliance assessments and penetration testing services in the United States. For more information, visit www.coalfire.com and follow LinkedIn, Twitter, and Facebook.
Media Contact
Shannon Van Every
Force4 Technology Communications, LLC
[email protected]
SOURCE Coalfire