
First Look: Guardicore Infection Monkey version: 1.7


Company name: Guardicore
Product name: Infection Monkey version: 1.7
Email: [email protected]
Basic Price: Free, Open Source
Customer Support Offerings: For questions, suggestions and guidance, join the Infection Monkey community via the Slack channel. Guardicore Infection Monkey source code is available for direct download at the GitHub repository.

During the past year there has been a flood of new technologies that promise to optimize protection for enterprise organizations – with most of them focused on the zero trust model. Look back just a few years and the typical network perimeter provided enough protection to keep attacks at bay. However, as attack techniques have become more sophisticated, a zero trust approach has become a necessity. Zero trust security means that no user is trusted by default, whether inside or outside the network, and verification is always required for those looking to gain access to resources on the network. While this sounds fine and dandy in theory, applying these principles in practice can be a resource-intensive process. This dynamic is where the people at Guardicore have an upper hand in helping enterprise organizations move zero trust from concept to a fully functioning reality.

Guardicore has taken the concept of zero trust to the next level with the Infection Monkey offering by launching the industry’s first free, open source zero trust assessment tool. The tool is built on Guardicore’s four basic principles of zero trust: 1) Invoke a least privilege access strategy; 2) Enforce secure access to all resources; 3) Maintain access control at all levels; 4) Audit everything by reviewing all logs. Infection Monkey applies these principles to help organizations safely evaluate their environment’s zero trust posture.

Infection Monkey is a breach and attack simulation tool that allows organizations to assess a zero trust environment. To facilitate industry adoption, Guardicore built a software platform that is easy to deploy and run. Infection Monkey tests how the zero trust framework was implemented by attempting to communicate with machines that reside in different segments of the enterprise network, demonstrating policy violations, and generating test results with actionable recommendations for remediation. To start Infection Monkey, users must select one of two options to designate the environment from which the tool will run: Monkey Island Server or Machine of Choice.

The Monkey Island Server is a Linux server used to run the infection. It can be configured to test a single component (application server) or widespread enterprise components. This option allows the Monkey Island Server (command and control) to be deployed internally or externally to the organization. The software can utilize an external server (AWS, Azure) or an internal server to launch the attack. The Machine of Choice option allows users to select a different server to act as the command and control server. This option designates a specific infrastructure asset to launch the attack. In either case, the Monkey has access to well-known exploits and tests them against an organization’s infrastructure controls.

All Infection Monkey tests are safe exploits that have been validated by Guardicore Labs. Infection Monkey’s UI is incredibly intuitive and visually rich, which makes it easy for users to quickly assess what is happening in a zero trust environment. Infection Monkey provides a zero trust report that is similar to the widely recognized Forrester model; however, the company uses a visually rich color-coding system to portray the good versus the bad in the environment. The system uses traditional red, yellow, green risk profiling but adds grey to represent an unexecuted test. Beyond the initial test results, Infection Monkey also provides three levels of exploit detail in the form of summary, test results and findings pages. Findings are exportable to machine-readable data for use in scripts and other remediation tools. This structure addresses various needs across an organization by providing feedback for executive, managerial and technical levels at different parts of the report.

Guardicore demonstrates great insight for zero trust security by offering a unique, open source tool that addresses market demand. As a no-cost, highly effective solution, Infection Monkey is a disruptive force that will likely push the competition to new levels of performance.
