November 2019 | SC Media

Print Issue: November 2019

Emerging Products: Breach and attack simulation technologies

Until recently, the critical task of security testing was primarily performed through time-consuming, costly and laboriously manual penetration testing. Organizations understood that, despite its expense and inefficiency, testing was – and still is – extremely important to security posture. The best security tools in a company’s arsenal mean nothing if they are improperly configured or…

AttackIQ Platform v2.15

Vendor: AttackIQ Price: $5,000 per Test Point Engine.Contact: attackiq.com What it does: AttackIQ Platform assists Red and Blue Teams by continuously testing different security measures in production systems in order to validate security controls using workflows and attack emulations. What we liked: How thoroughly the platform aligns to the MITRE ATT&CK Framework and the transparency…

Cymulate Breach and Attack Simulation Platform 3.30.16

Vendor: Cymulate Price: $40,000-$500,000 based on company size and number of attack vectors.Contact: cymulate.com What it does: Cymulate divides the attack surface into seven attack vectors and runs hundreds of thousands of customizable simulations on the entire kill chain to test an organization’s security posture and controls. What we liked: The focus on lateral simulations…

Picus Security Platform v2402

Vendor: Picus Security Inc.Price: $25,000 per assessment vectorContact: picussecurity.com What it does: Leverages continuous, metrics-based validation to harden security controls and provide mitigation suggestions. What we liked: The mitigation suggestions are remediations that have been tailored to an organization and its specific defense stack. Picus Security Platform takes a threat-centric approach to achieving cyber resilience…

SafeBreach Platform 2019Q3.7

Vendor: SafeBreachPrice: Dependent on the size of the deployment.Contact: safebreach.com What it does: Leverages thousands of attack simulations to provide a “hacker’s view” of security risks and gives analysts actionable mitigation guidance and prioritized resources.What we liked: The vast library of attack simulations available, supplemented with Breach Studio’s development environment for create-your-own simulations functionality. SafeBreach…

XM Cyber HaXM 1.0

Vendor: XM CyberPrice: Yearly license based on net- work size.Contact: xmcyber.com What it does: Leverages simulations with Purple Team functionality to continuously expose all attack vectors and provide security teams with prioritized remediations.What we liked: Simulations that can be replayed for step-by-step analysis, the beautifully designed interface and the different methods of visualizing attack paths…

Next post in Reviews