Emerging Products: Breach and attack simulation technologies

System Security Specialist Working at System Control Center. Incident response needs to be more stealthy, even as attacks become more aggressive, so attackers don’t know they’re being tracked.

Manual security testing can't keep pace with the threat landscape. Penetration testing takes time and it's costly and labor-intensive. It's also fully dependent on the expertise of the penetration tester. Despite these inefficiencies, security pros need to test security posture and validate controls. Organizations have no way of knowing the efficacy of controls configurations or the performance of existing security investments without data from frequent assessments. Additionally, most compliance standards today mandate regular security testing as part of their frameworks.

Breach and attack simulation (BAS) technologies are the solution to the costly venture of manual testing. These tools answer the same questions as manual testing, except they do so more inexpensively, frequently and quickly. Security tools are irrelevant if they are misconfigured or underused and the breach and attack simulation BAS technologies we assessed this month have tremendous potential for profound return on investment thanks to the validation offered through security controls testing and security tool testing.

In addition to being extremely efficient, BAS tools are incredibly simple to deploy and manage. They have easy setup and centralized management to maximize the simplicity for security teams and administrators alike. Each product comes with numerous out-of-the-box assessments and reports, driving the user-friendliness and intuitive implementation. All of the templates are customizable to ensure the flexibility necessary to meet the needs of any organization.

A security tool that acts as a hacker constantly attacking a network and its infrastructure may seem risky. These tools are safe and offer valuable insight into vulnerabilities and attack vectors without compromising production environments. These products take security assessments a step further to offer remediation suggestions, prioritizations and guidelines to assist analysts with threat response. The broad use cases and potential gain from these solutions makes choosing to implement them a no-brainer. They capitalize on existing security investments and ensure that an organization’s digital estate and human resources are secure.

Group Opener 

This month we revisited the still emerging space of BAS technologies. These products have undergone a great deal of maturity and growth over the last year and are continuing the trend towards mainstreaming and transforming the security space. Security testing remains crucial for maintaining a strong security posture and good security hygiene. Misconfigured controls and underused tools are commonplace across industries and security testing offers a way to mitigate these vulnerabilities.

The costly and time-consuming nature of the previous go-to security testing methodologies have and continue to get outperformed by the cutting-edge technology breach and attack simulation tools offer, rendering manual controls testing and penetration testing more obsolete than ever. Reoccurring assessments and validation are not feasible with manual testing, notoriously expensive and time-consuming. The threat landscape we face today requires security testing that's continuous and repetitive. This need coupled with the obsolescence of manual penetration testing paves the way for breach and attack simulators.

BAS technology uses automation to drive continuous security control testing, exposing and identifying vulnerabilities and misconfigurations. Analysts may use this information to get more out of their existing security tools and validate environments are properly configured. You may think of these solutions as a personal trainer for your security environment as they strengthen what's already there and identify weaknesses, providing suggestions on how to bolster those vulnerabilities and mitigate risks. We continue to see these products increasingly implement purple team capabilities with extensive remediation guidance to streamline the detection and response process.

In addition to the breach and attack simulation use cases that target controls testing and product testing, these products also test the human element within organizations. Staff testing is a crucial component of security. An organization could have an airtight environment with all the top-of-the-line tools money can buy. None of that means anything if the human element opens the organization to attack and exploitation. These products deliver the insight necessary for security teams to ensure everyone on the team abides by the protocols in place.

The BAS tools we assessed this month continue to solidify their place within the cybersecurity realm and efficiently shore up human and technical vulnerabilities while offering a substantial return on investment of all security implementations. Security experts now consider these products a staple for any security toolset and will continue to transform the landscape and the way security teams operate.

August Reviews:

AttackIQ Platform v2.1

Cymulate Breach and Attack Simulation Platform 3.30.16

The Picus Security Validation Platform 3113

SafeBreach Platform

Sophos Phish Threat

Spirent Communications CyberFlood Data Breach Assessment v2.02

XM Cyber 1.35

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.