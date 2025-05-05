Orange Cyberdefense has launched a new service called ActiveWatch, which its South African team developed to offer continuous monitoring and insights from senior-level analysts.

Dominic White, the hacking director and South African MD for Orange Cyberdefense, said the product was developed entirely by the SensePost team in South Africa.

“It’s a unique blend of custom tooling and human expertise, crafted to close a critical gap we’ve observed in security programmes over the past two decades,” White said.

SensePost was founded on 14 February 2000 by a group of like-minded South African hackers, and rapidly grew into one of South Africa’s premier cybersecurity firms.

It was acquired by SecureData, becoming a consulting subsidiary of its parent, which at the time was the largest independent cybersecurity service provider in the United Kingdom.

In 2019, Orange acquired 100% of SecureData as part of an initiative to increase its international reach and expertise in cybersecurity.

It rebranded to Orange Cyberdefense in 2020, with SensePost becoming a team within the larger organisation.

ActiveWatch, the SensePost team’s newest service, aims to answer the question: How do you know when your perimeter has something an attacker could use between penetration tests?

It employs a suite of customised tooling that detects early signals and indicators that seasoned hackers recognise as precursors to deeper vulnerabilities.

Upon detecting these signals, an expert team at Orange Cyberdefense conducts manual verification and investigation, avoiding false positives and delivering only high-quality, impactful alerts.

ActiveWatch does this by manually analysing signals and their sources for exploitable vulnerabilities.

Where safe to do so, penetration testers exploit vulnerabilities to ensure they only send high-quality alerts and recommendations to clients.

Orange Cyberdefense explained that traditional methods of understanding vulnerabilities in your perimeter include bug bounties, penetration testing, and vulnerability scanning.

However, it said bug bounties leave you wondering if the third parties have the skills or focus to uncover complex vulnerabilities while adhering to your rules.

On the other hand, penetration testing is high-quality, fast, and deep, but it is also a snapshot in time and misses the vulnerabilities that show up between testing windows.

Vulnerability scanning, while scalable and reliable, generates a flood of information with time-consuming false positive validation.

“ActiveWatch combines the best of both worlds — continuous monitoring and high-quality insights, delivered affordably, leveraging automation and the scalability of senior-level skills,” White said.

“The early results from our initial clients have been impressive, uncovering unknown services and significant zero-day vulnerabilities within just weeks.”

White said that although they can’t promise these exact outcomes every time, he believes these initial successes validate their approach and innovation.