The reports in the AttackIQ Platform offer many kinds of granular details, such as assessment descriptions, mitigation suggestions and report cards that evaluate scenarios according to name and pass rate. (Source: AttackIQ)

Vendor: AttackIQ
Price: $5,000 per test endpoint
Contact: www.attackiq.com
Quick Read

What it does: AttackIQ Platform identifies gaps in production environments and helps mitigate risk so organizations may measure the effectiveness of their security posture and increase the overall return on investment of their existing security tools.

What we liked: We very much appreciate the many informative and easily understood reporting options that are available out-of-the-box.

AttackIQ Platform identifies gaps in production environments and helps mitigate risk so organizations may measure the effectiveness of their security posture and increase the overall return on investment of their existing security tools. Security control tests are typically costly and inefficient, requiring many intensive manual assessments. By contrast, AttackIQ automates the security control testing process, using the Integration Manager to establish connections between all the security tools present in an environment.

Its simple assessments help analysts identify the best testing methods for their purposes as well as the best assets to perform the necessary tasks. The Scenario Library has several filters for pulling subsets that target desired assessment types. It also uses many different tactics and techniques to exercise various organizational security controls, emulate adversaries and uncover meaningful data. Security teams may customize scenarios that they can then save for future use. They may also configure assessments to run manually or to run automatically according to a set schedule.

The Attack Navigator serves as a useful tool that homes in on threats and vulnerabilities by overlaying specific content monitoring onto the MITRE ATT&CK framework. This capability also creates new assessment templates for greater ease of use and adds a great deal of sophistication to the platform.

The dashboard layout optimizes the user experience with an intuitive navigation pane that simplifies movement throughout the platform.
The dashboard offers several filtering options for assessment results and analysts may categorize these results by assets or by the scenario types that they have run. The Technology Stack menu even offers various enabled and disabled integrations that teams may configure to suit their specific needs. A high-level overview shows many important statistics, including historical activity trends and detailed activity logs, about the various assessment scenarios the solution has conducted. The MITRE ATT&CK heatmap shows threats in a way that maximizes the visibility and efficiency of prevention and detection. Analysts may view threats broken down according to MITRE tactics.

We very much appreciate the many informative and easily understood reporting options that are available out-of-the-box. Like the overview, all the reports offer many kinds of granular details, such as assessment descriptions, mitigation suggestions and report cards that evaluate scenarios according to name and pass rate. These detailed reports deliver tremendous value to blue teams because they outline how the platform has executed each scenario, which controls have detected each threat and what steps analysts must now take to complete the mitigation and validation processes.

Overall, AttackIQ’s scalable and open systems platform lets customers download, modify and create their own content. The production-based testing scenarios offer realistic assessments of the enterprise environment and use powerful agents to simulate advanced covert attack methodologies such as lateral movements and living-off-the-land techniques. Because of its flexibility, security pros can implement this breach and attack simulation tool quickly, allowing customers to begin running assessments the moment they successfully deploy an agent within their environment.

Pricing starts at $5,000 per test point and includes 24/7 phone, email and website support.
The knowledgebase includes many substantive documentation manuals, including references to most of the API calls the platform provides.