ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | May 17, 2023
SimSpace, the industry leader in military-grade cyber ranges is today announcing the expansion of their ecosystem. The SimSpace Cyber Force Platform will now help Cymulate customers evaluate and validate their security stack with SimSpace's cyber ranges.
According to Cybersecurity Ventures, the total cost of cybercrime in 2023 is expected to hit $8tr and $10.5tr in 2025. Defending against the nation state tactics, techniques and procedures now targeting businesses will be on the mind of every board member and CISO this year. Adopting continuous security improvements will be the key that unlocks cybersecurity resilience, a major theme in Gartner's 2023 cybersecurity predictions. How organizations manage their cyber risk will dictate their security posture and financial optimization in the coming year.
SimSpace's Cyber Force platform enables listed companies and critical national infrastructure organizations around the world to test their networks in the highest-fidelity simulated environments commercially available. SimSpace's cyber range will enhance Cymulate customers' ability to perform market-leading team assessments, live-fire exercises and vulnerability exposure.
Carolyn Crandall, Chief Security Advocate at Cymulate believes the partnership will reinforce testing and training capabilities for leading businesses: "Our priority is to strengthen the cyber resilience and exposure assessment of our mutual customers, and SimSpace's cyber range will be an integral component in achieving this. Businesses around the world trust Cymulate's breach-and-attack platform to validate their critical processes. With SimSpace's high-fidelity emulation, Cymulate customers can further benefit from the integrated live-fire training and real-world testing capabilities they provide."
William "Hutch" Hutchison, co-founder and CEO of SimSpace Inc sees the partnership as an opportunity for growth: "We are excited to develop our partnership with Cymulate to provide world-class cyber readiness training for our mutual partners."
"As our customers continue to face unprecedented cybersecurity challenges, this partnership will allow them to continuously develop and improve their defensive abilities. SimSpace's Cyber Force Platform was born out of a need for the highest level of threat detection which has developed into a business necessity in 2023. As bad actors elevate the complexity and frequency of attack paths today, SimSpace's cyber range provides government-grade protection for platforms such as Cymulate to achieve unparalleled cyber preparedness."
The Cymulate platform provides threat exposure assessment, Breach and Attack Simulation (BAS), and Continuous Automated Red Teaming (CART) for delivering real-time visibility to vulnerabilities, understanding the efficacy of security controls, and automated testing. The Cymulate platform continuously assesses, optimizes, and rationalizes the state of security controls, while creating baselines for proving security efficacy across the full cyber kill chain and for continuous improvement.
SimSpace is the global leader in military-grade cyber ranges, founded by experts from U.S. Cyber Command and MIT's Lincoln Laboratory to respond to a new era of unprecedented cyber threat. The company's Cyber Force Platform enables the most sophisticated enterprises, governments, and critical national infrastructure organizations to find intelligence-driven answers to the most vexing security, governance, training, and cyber readiness questions. SimSpace provides high-fidelity cyber security simulations, training, and safe live-fire exercises previously only available to the U.S. Cyber Command and the world's most advanced intelligence agencies. Now, Fortune 2000 financial, retail, insurance, and other commercial markets can access nation-state level security capabilities to protect their critical assets, with an average reduction in cyber operational costs of 30% and a 40% reduction in breaches.
DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Prnewswire | March 27, 2023
Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures.
"As enterprises transform embracing digital identities, supply chains and ecosystems - GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organizations is doing so without adding complexity and cost," says Kevin Kennedy, SVP Products at Vectra.
With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective:
Correlation and validation of threat signals for accuracy.
Compliance for network-based CVE detection with compensating controls.
Threat hunting, investigation and incident response processes.
"CISOs and their SOC teams across Asia Pacific are working with a challenging lack of visibility across their hybrid cloud environments, as attackers continue to evolve. Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution," comments David Sajoto, Vice President Vectra Asia Pacific Japan.
According to Gartner®, "recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyze additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises."1
"The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organization and exfiltrate data -- and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer," says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. "Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time "movement", while also having the ability to check against specific Suricata indicators -- often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimization, because in our case, less is more."
"When it comes to shadow IT, we know people with admin rights are 'building boxes off the grid.' Our SOC team cannot protect what we cannot see, thus making these unknown systems prime targets for attackers. No doubt, behavior-based AI-driven detections are great for catching attackers deploying new, evasive methods, but when it comes to attackers leveraging CVEs to compromise unknown, unpatched systems, we need signature-based detection. Combining signature-based detection with behavior-based detection gives our SOC team visibility for both the known-unknown and unknown-unknown threats. It's the best of both worlds," says Brett Fernicola, Sr. Director, Security Operations at Anywhere.re.
Vectra NDR with Vectra Match
Vectra NDR - a key component of the Vectra platform - provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data center networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with:
AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified.
AI-driven Triage that knows what is malicious by utilizing ML to analyze detection patterns unique to the customer's environment to score how meaningful each detection is, thus reducing 85% of alert noise - surfacing only relevant true positive events that require analyst attention.
AI-driven Prioritization that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organization.
Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes. Vectra NDR with Vectra Match is available for evaluation and purchase today. For additional information, please visit the following resources.
Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods - the TTPs at the heart of all attacks - rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure - both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.
ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY
Businesswire | April 03, 2023
AttackIQ®, the leading independent vendor of Breach and Attack Simulation (BAS) solutions, today announced the availability of AttackIQ Ready!, a fully managed breach and attack simulation service that leverages years of advanced content and actionable reporting to improve organizations’ security posture and security program performance. The service was designed to simplify the execution of a continuous security validation program, showing results in real-time and orchestrating faster remediation – all through one automated platform – for everyone who wants it.
Absent real data, teams lack clarity about their capabilities and performance and cannot confidently operate against the adversary. AttackIQ has found that security controls only stop the adversary 39% of the time in the real world due to misconfigurations and security control degradation. To solve this problem, AttackIQ Ready! delivers clear reporting and analysis so that security leaders know how well their controls perform against the adversary. AttackIQ Ready! provides weekly reports, monthly executive-focused reports, and insurance-focused reports that can be used to communicate to the executive team, the board, insurance companies, and regulators alike.
“We know that automated testing provides a path to better security and business outcomes. With this announcement, we are making AttackIQ’s advanced testing capabilities available to a much broader section of the market,” said Carl Wright, Chief Commercial Officer, AttackIQ. “Many organizations lack the resources to operationalize the MITRE ATT&CK framework or conduct red team assessments of their cyberdefenses. We are very excited to release AttackIQ Ready! to help teams of all sizes maximize return on investment and improve operational readiness.”
With AttackIQ Ready!, organizations can expect the following:
Easy and Immediate Use: From day one, AttackIQ Ready! provides an easy-to-use and immediate baseline understanding of your security coverage as well as continuous visibility into your security posture. It helps you to identify gaps and issues surrounding your overall cybersecurity hygiene.
Weekly and Monthly Reporting: Weekly and monthly reports about your security controls’ performance, including against specific adversaries curated by the AttackIQ Adversary Research Team (APT29, FIN6, etc.).
Monthly Adversary Curation: Every month, the AttackIQ Adversary Research Team introduces a new set of adversarial campaigns to test your security controls against that specific adversary.
Continuous Automated Testing: The AttackIQ Ready! team conducts weekly tests of your security controls using MITRE ATT&CK-aligned assessments drawn from the full AttackIQ research library.
Actionable Remediation Guidance: Generates tailored, easy-to-use remediation guidance so that you can close gaps and address issues quickly to improve performance.
Detection Engineering: AttackIQ Ready! introduces the option of detection testing for companies that have a security operations center or a SIEM structured to respond to alerts and attacks.
In-App Threat Intelligence and Analysis: Gain immediate in-app analysis about emerging and advanced threats and how to prepare your defenses to withstand attacks.
AttackIQ Ready! will help an even broader range of customers to achieve these results. A security operations center is not required to use AttackIQ Ready!. All that is needed are existing security controls to validate, either through cloud services like AWS or Azure or security providers.
What kind of results might companies expect? One security leader at a premier biosciences company recently used the AttackIQ platform to prove to an insurance company that his security controls were performing as intended and negotiate a peg to his insurance premium, saving his organization hundreds of thousands of dollars in fees. As he said, “When we can prove that our solutions and controls are not just adequate, but they're rock solid, there's much value there. The investments in our firewalls, endpoint controls, and network security controls help build the program's reputation and instill more confidence. Then when we go to the board for requesting a large sum of funding for maybe a new project, there are not as many questions.”
“AttackIQ has helped companies from the Fortune 10 to Global 2000 elevate their security effectiveness, including JetBlue, Bupa and the Department of Defense,” Wright continued. “This service will help companies hone security analyst and security operations team performance, find redundancies in security controls, validate security controls for insurers, decrease the impact of breaches, and much more. You can’t manage what you can't measure, and we look forward to helping organizations measure their defenses against the adversary.”
Pricing and Availability
AttackIQ Ready! is available now. More details are available at: www.attackiq.com/ready. For pricing or to schedule a demo, contact AttackIQ.
AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. The Company is committed to giving back to the cybersecurity community through its free award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat-Informed Defense.