Price: Dependent on the size of the deployment.
What it does: Leverages thousands of attack simulations to provide a “hacker’s view” of security risks and gives analysts actionable mitigation guidance and prioritized resources.
What we liked: The vast library of attack simulations available, supplemented with Breach Studio’s development environment for create-your-own simulations functionality.
SafeBreach Platform provides a “hacker’s view” of security risks across the network and cloud to give analysts actionable guidance on mitigating those risks and prioritizing resources. The threat landscape is quickly evolving. Manually testing security with methods like penetration testing are expensive and insufficient to keep up with these changes.
SafeBreach attempts to resolve the issues of manual testing by offering continuous security validation through attack simulation, result prioritization and mitigation. Attack planning is unnecessary as is manual configuration and the solution doesn’t introduce biases.
Thousands of attack simulations are automatically and continuously conducted on cloud networks, endpoints and email to provide immediate insight into attack postures. Nearly 7,000 available attack simulations cover the entire kill chain and emulate common hacker methodologies like infiltration, lateral movements, host-level attacks and exfiltration. Create-your-own attacks from PCAP, Python and sample code files also are possible within the development environment, Breach Studio.
Result prioritization uses insights to automatically target critical issues helping analysts visualize the attack path with drill-down functionality so they can investigate specific results and decide which issues should be targeted first. SafeBreach also integrates with security controls to incorporate detection and prevention capabilities.
Insights provide actionable remediation data that analysts can use to fix issues quickly, and integrations with SOAR tools and ticketing systems trigger and automate remediation workflows. Analysts also can use the mitigation component of this platform to track problems and decide whether mitigations continue to be successful. Analysts can track security posture status with GRID, a map that allows them to play with risk and how it is distributed across the network.
Through GRID, analysts can get an exportable risk report of an overall risk score based on five indicators: Attack Surface, Critical Segment, Known Attacks, Exposure Time and MITRE Risk. The GRID map provides an overall risk percentage for each category and identifies the top three categories that contribute to risk for quick visibility. Analysts can delve into virtually every element of this graph for more detailed information.
This highly scalable product offers results that are easy to visualize and operationalize while simplifying the process of associating risk with overall security posture.
SafeBreach can be
leveraged for a variety of use cases and is a good fit for those looking
to measure the effectiveness of their security controls; improve their return on investment for other security tool investments; gain threat-specific visibility and increase preparedness; further SOC and incident response training; enhance penetration testing and Red Team operations; and/or assess risk in mergers and acquisition processes.
Pricing is dependent on deployment size and includes 24/7 support, a dedicated customer success representative, access to the research team for security-related support, a customer knowledgebase, a community portal and a documentation portal.
Tested by Matthew Hreben