Vendor: Spirent Communications, plc.
What it does: Spirent CyberFlood Data Breach Assessment offers attack simulation technology with hyper-realistic traffic emulation to test production and operational environments safely, while still enabling security posture validation without all the usual false positives that too often come with it.
What we liked: The attack simulations and evasion techniques realistically emulate many different types of attack, including breaching networks and injecting malware.
Spirent CyberFlood Data Breach Assessment offers attack simulation technology that uses hyper-realistic traffic emulation to test production and operational environments safely, while still enabling security posture validation without all of the usual false positives. This product quickly and continuously assesses and verifies performance and experience across living networks to prioritize risk mitigation and address regulatory requirements.
Instead of simulating malicious attacks, Spirent prefers to say that its agents emulate them, meaning that Spirent agents look and act like the real thing. These virtual agents recreate typical network traffic patterns in all directions, a breach and attack approach that exercises security devices and all subsequent policy configurations, allows greater visibility into perimeter security and helps analysts validate security countermeasures. More than 85,000 content scenarios are available in the content library that Spirent always keeps up to date. Security teams can also easily add their own evasion techniques and obfuscation abilities to the emulation assessments, further enriching emulation capabilities and customizing them to address specific organizational needs.
Users will find the testing topology easy to create and edit. Spirent uses a canvas that serves as a visual representation of tests that are conducted with each assessment. The attack vectors include reconnaissance, melee and custom scenarios. Assessments based on industry standards and security frameworks, such as NetSec OPEN and MITRE ATT&CK, are also available and simplify compliance testing. Analysts may either schedule assessments or run them automatically and may choose to pause or stop an assessment at any point.
Analysts may use the Topology View to see what’s happening within an environment in real-time. The product offers a great deal of ticketing and service management and analysts can easily keep tabs on open tickets and issues. The closed-loop automation capabilities in this platform offer direct remediation guidance for these tickets and issues, relieving security teams of the burden of blindly addressing them on their own.
There are a variety of different views available within the dashboard and analysts may easily switch between them to access different vantage points between frameworks. Viewing the data in different ways drives efficiency and builds a comprehensive view of risk. Spirent assesses and validates risk in a three-step process. First, a control travels to an endpoint and prompts it to try opening a port like a current attacker. Then, an emulator sends endpoint data to an agent, testing both incoming and outgoing traffic. Finally, if failures occur on all three steps, Spirent marks, but does not block, the identified threat.
Overall, security pros will find Spirent CyberFlood Data Breach Assessment a flexible and effective breach and attack simulation tool, suitable for any organization and network architecture. The attack simulations and evasion techniques realistically emulate many different types of attack, including breaching networks and injecting malware. With its various customization options, this platform supports many security frameworks. It also simplifies reporting by allowing analysts to decide which assessments to define and how to define them. This kind of flexibility delivers results tailored towards each individual organization.
Pricing starts at $45,000 and includes phone support and implementation services. There’s also a detailed help section built directly into the platform.