Startup Offers Free Cyberattack Simulation Service

  /     /     /  
Publicated : 22/11/2024   Category : security


Startup Offers Free Cyberattack Simulation Service


Attack simulation emerging as a way to test network security on demand and without exploits.



First came penetration testing, then the tabletop exercise, and now attack simulation -- the relatively nascent practice of war-gaming attacks on your network to gauge how prepared (or not) you are, and where your weaknesses reside.
Unlike pen-testing, attack simulation doesnt run exploit code. Its more about simulating the way attackers do their dirty work, from composing a phishing email and infecting a machine to the path the take to access and then pilfer credit-card data out of company. Attack simulation startup vThreat today announced free access to its software-as-a-service based applications.
The concept of simulating and providing a detailed postmortem of how an attacker could hack you is capturing some venture capital interest:  Israel-based startup
SafeBreach,
which provides attack simulation via a platform model, recently raised some $4 million via Sequoia Capital and serial entrepreneur and angel investor Shlomo Kramer.
vThreat was founded by Marcus Carey, a former security researcher with Rapid7 and one of the architects of the US Department of Defense Cyber Crime Centers live network investigations course. Carey says vThreat simulates what an attacker could actually do to an organizations infrastructure, and shows the attack sequence through the hackers eyes.
Its not a replacement for penetration testing. We dont replace pen testing, but we do augment it and give blue teamers an opportunity to simulate adversaries, between penetration tests, Carey says.
We do 80 percent of what a pen tester does, without exploitation, he says. The goal is to keep on top of your security posture between pen tests and attacks or attack attempts.
Carey says vThreat uses a JavaScript agent in its tools. The various attack apps can imitate the techniques and movements of an attacker, including the scanning of local systems and the theft of information. We concentrate on the movements an attacker makes on the network, he says.
The new free
vThreat Apps
SaaS doesnt provide all of the detailed reporting and analytics and exclusive apps that the paid subscription offers, but it does include a full enterprise-wide breach option, with limited reporting, Carey says. A vThreat Pro annual subscription costs $4,995, and vThreat Enterprise is priced based on the size of an organization, he says.
Aside from a full enterprise-wide attack, the apps include specific attack scenarios such as SSN exfiltration, executable download, DNS tunneling, egress scanning, and a tool for testing the organizations incident response.
Andrew Hay, director of research, OpenDNS, says attack simulation lets companies more regularly  probe at the security of their network, especially as changes are made to the infrastructure. If you add a new network security device, does it actually make a difference to your overall attackable surface area? Does one product work better than another for detecting or blocking specific threats? he says. [It] also provides a way to test the efficacy of your security program and that of your organizations ability to respond to incidents, he notes.
Services like vThreats are more affordable for midsized companies that cant afford to hire full-time security testing talent, he says.
Guy Bejerano, CEO and co-founder of SafeBreach, describes his firms attack simulation platform as a way for companies to deploy offensive security in order to root out their vulnerabilities to attack. In a recent blog post, he called it a red team on a platform.
Here Are Your Security Holes. Now What?
The simulation service has a botnet that vThreat controls, according to Carey, for a realistic attack scenario. Were not dropping any code or backdoors, he says, but the tests produce RAR files with sample credit-card files if the attack was able to find blind spots in the network.
The catch with these attack simulations is the response side of the equation, however. OpenDNSs Hay says what you do with the information and problems these tests expose is the big challenge for companies. If you see that DNS tunneling can be used to exfiltrate data from your network, how do you stop it? Whats the best course of action? he says.
Carey says companies in the financial services, energy, healthcare, and software startup sectors are currently using its SaaS.
The primary benefit I see is that these types of  simulations allow for ongoing and scheduled testing of deployed technical controls such as those of firewalls, IPS, proxies, and other systems, OpenDNSs Hay says. It also provides a way to measure whether adding a new security tool actually makes a difference, or which ones work better than others, he says.
Its a fantastic product bake-off simulator, Hay says.

Last News

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Startup Offers Free Cyberattack Simulation Service