SC Labs tests seven breach and attack simulation products for August that will sharpen up your security assessments. (Source: Erikona, Getty Images)
Manual security testing cant keep pace with the threat landscape. Penetration testing takes time and its costly and labor-intensive. Its also fully dependent on the expertise of the penetration tester. Despite these inefficiencies, security pros need to test security posture and validate controls. Organizations have no way of knowing the efficacy of controls configurations or the performance of existing security investments without data from frequent assessments. Additionally, most compliance standards today mandate regular security testing as part of their frameworks.
Breach and attack simulation (BAS) technologies are the solution to the costly venture of manual testing. These tools answer the same questions as manual testing, except they do so more inexpensively, frequently and quickly. Security tools are irrelevant if they are misconfigured or underused and the breach and attack simulation BAS technologies we assessed this month have tremendous potential for profound return on investment thanks to the validation offered through security controls testing and security tool testing.
In addition to being extremely efficient, BAS tools are incredibly simple to deploy and manage. They have easy setup and centralized management to maximize the simplicity for security teams and administrators alike. Each product comes with numerous out-of-the-box assessments and reports, driving the user-friendliness and intuitive implementation. All of the templates are customizable to ensure the flexibility necessary to meet the needs of any organization.
A security tool that acts as a hacker constantly attacking a network and its infrastructure may seem risky. These tools are safe and offer valuable insight into vulnerabilities and attack vectors without compromising production environments. These products take security assessments a step further to offer remediation suggestions, prioritizations and guidelines to assist analysts with threat response. The broad use cases and potential gain from these solutions makes choosing to implement them a no-brainer. They capitalize on existing security investments and ensure that an organizations digital estate and human resources are secure.
Group Opener
This month we revisited the still emerging space of BAS technologies. These products have undergone a great deal of maturity and growth over the last year and are continuing the trend towards mainstreaming and transforming the security space. Security testing remains crucial for maintaining a strong security posture and good security hygiene. Misconfigured controls and underused tools are commonplace across industries and security testing offers a way to mitigate these vulnerabilities.
The costly and time-consuming nature of the previous go-to security testing methodologies have and continue to get outperformed by the cutting-edge technology breach and attack simulation tools offer, rendering manual controls testing and penetration testing more obsolete than ever. Reoccurring assessments and validation are not feasible with manual testing, notoriously expensive and time-consuming. The threat landscape we face today requires security testing thats continuous and repetitive. This need coupled with the obsolescence of manual penetration testing paves the way for breach and attack simulators.
BAS technology uses automation to drive continuous security control testing, exposing and identifying vulnerabilities and misconfigurations. Analysts may use this information to get more out of their existing security tools and validate environments are properly configured. You may think of these solutions as a personal trainer for your security environment as they strengthen whats already there and identify weaknesses, providing suggestions on how to bolster those vulnerabilities and mitigate risks. We continue to see these products increasingly implement purple team capabilities with extensive remediation guidance to streamline the detection and response process.
In addition to the breach and attack simulation use cases that target controls testing and product testing, these products also test the human element within organizations. Staff testing is a crucial component of security. An organization could have an airtight environment with all the top-of-the-line tools money can buy. None of that means anything if the human element opens the organization to attack and exploitation. These products deliver the insight necessary for security teams to ensure everyone on the team abides by the protocols in place.
The BAS tools we assessed this month continue to solidify their place within the cybersecurity realm and efficiently shore up human and technical vulnerabilities while offering a substantial return on investment of all security implementations. Security experts now consider these products a staple for any security toolset and will continue to transform the landscape and the way security teams operate.
August Reviews:
AttackIQ Platform v2.1
Cymulate Breach and Attack Simulation Platform 3.30.16
The Picus Security Validation Platform 3113
SafeBreach Platform
Sophos Phish Threat
Spirent Communications CyberFlood Data Breach Assessment v2.02
XM Cyber 1.35
See original here:
Emerging Products: Breach and attack simulation technologies - SC Magazine
- Technology Synonyms, Technology Antonyms | Thesaurus.com - January 7th, 2017 [January 7th, 2017]
- Information technology - Wikipedia - January 7th, 2017 [January 7th, 2017]
- Technology and Electronics Reviews - USATODAY.com - January 7th, 2017 [January 7th, 2017]
- Technology Forum - reddit.com - January 7th, 2017 [January 7th, 2017]
- Technology: Industries: PwC - January 22nd, 2017 [January 22nd, 2017]
- National Education Technology Plan - Office of Educational ... - January 22nd, 2017 [January 22nd, 2017]
- Technology News - The New York Times - January 24th, 2017 [January 24th, 2017]
- Computer Business Review - Computer Business Review - January 24th, 2017 [January 24th, 2017]
- Technology - Pogue's Posts Blog - The New York Times - February 2nd, 2017 [February 2nd, 2017]
- What the Tech: Neuro-Bio Monitor Technology - KFDX - February 7th, 2017 [February 7th, 2017]
- Globalization failed too many people. Here's the technology that could help it work for everyone - Quartz - February 7th, 2017 [February 7th, 2017]
- Bill Nye forecasts next 50 years, says we're at a technological crossroad - Digital Trends - February 7th, 2017 [February 7th, 2017]
- Interview with Matt Nix about his new Fox show APB. - Slate - Slate Magazine - February 7th, 2017 [February 7th, 2017]
- In This Year's Super Bowl Of Technology, Intel Led The Way With A Sky Full Of Drones - Forbes - February 7th, 2017 [February 7th, 2017]
- Learning From Last Year: Technology Funding Outlooks For 2017 - Forbes - February 7th, 2017 [February 7th, 2017]
- Ossia hires new CEO to help commercialize its wireless charging technology - GeekWire - February 7th, 2017 [February 7th, 2017]
- Microsoft's AI group debuts customizable speech-to-text technology, rapidly expanding 'cognitive services' for ... - GeekWire - February 7th, 2017 [February 7th, 2017]
- A flare for self-destruction: How technology is the means, not the cause, of our demise - National Post - February 7th, 2017 [February 7th, 2017]
- Broadcaster dangles new technology for Winter Olympics - Reuters - February 7th, 2017 [February 7th, 2017]
- These Four Black Women Inventors Reimagined the Technology of the Home - Smithsonian - February 7th, 2017 [February 7th, 2017]
- How 3D and Self-Design Will Change Technology - Huffington Post - February 7th, 2017 [February 7th, 2017]
- Factory Boss Says Fishing Technology Could Improve Controversial US Border Wall - Voice of America - February 8th, 2017 [February 8th, 2017]
- Republicans Aim to Kill Election Technology Standards Agency - Gizmodo - February 8th, 2017 [February 8th, 2017]
- Solutions replace technology as the focus at ISE 2017 - Installation International - February 8th, 2017 [February 8th, 2017]
- Five Rules That Define The Technology Innovator - Forbes - February 8th, 2017 [February 8th, 2017]
- Three Ways That Digital Technology Can Help Chemical Producers - Forbes - February 8th, 2017 [February 8th, 2017]
- Cinematographers Deploy Innovative Technology to Create Better Images - Variety - February 8th, 2017 [February 8th, 2017]
- How Technology Transforms Dreamers Into Economic Powerhouses - Forbes - February 8th, 2017 [February 8th, 2017]
- Coming technology will likely destroy millions of jobs. Is Trump ready? - Washington Post - February 8th, 2017 [February 8th, 2017]
- Mysterious $5 Billion Biotech Moderna Hit With Legal Setback Related To Key Technology - Forbes - February 9th, 2017 [February 9th, 2017]
- Berlinale: Jury Talks Up Art But Politics and Technology Enter Discussion - Variety - February 9th, 2017 [February 9th, 2017]
- Opinion: Harry Boxer's stocks to watch: biotechnology and technology - MarketWatch - February 9th, 2017 [February 9th, 2017]
- Nasdaq plans venture arm to invest in financial technology: sources - Reuters - February 9th, 2017 [February 9th, 2017]
- A modern-day Rosie the Riveter campaign: Women in technology - The Hill (blog) - February 9th, 2017 [February 9th, 2017]
- A growing concern: Technology and transportation - Florida Today - February 9th, 2017 [February 9th, 2017]
- Top 10 Mobility Technologies Market by Technology & Geography - Global Forecast to 2022 - Yahoo Finance - February 9th, 2017 [February 9th, 2017]
- Volvo melds technology and luxury in the XC90 T8 hybrid - Engadget - February 9th, 2017 [February 9th, 2017]
- CEFC warns against risky investment in 'clean coal' technology - The Guardian - February 10th, 2017 [February 10th, 2017]
- Scientist calls for industrial scale-up of greenhouse gas-eating microbe technology in UK - Phys.Org - February 10th, 2017 [February 10th, 2017]
- Software company introduces game-changing technology for Michigan Realtors - HousingWire - February 10th, 2017 [February 10th, 2017]
- New laser technology enables more sensitive gravitational-wave detectors - Phys.Org - February 10th, 2017 [February 10th, 2017]
- Why Quotient Technology Inc. Stock Surged 21% Higher on Friday - Fox Business - February 10th, 2017 [February 10th, 2017]
- How Technology Is Improving Influencer Marketing (And Can Help Improve Your Brand) - Forbes - February 10th, 2017 [February 10th, 2017]
- Hands-on: EVGA's sensor-laden iCX technology revolutionizes ... - PCWorld - February 10th, 2017 [February 10th, 2017]
- New Ground Technology uses digital graphics on turf - Golf Channel - February 11th, 2017 [February 11th, 2017]
- Facing State System review, Cal U to emphasize science and technology - Pittsburgh Post-Gazette - February 11th, 2017 [February 11th, 2017]
- International Game Technology: A Lottery Bet That's Paying Off - Barron's - February 11th, 2017 [February 11th, 2017]
- Our seas have become a plastic graveyard - but can technology turn the tide? - Telegraph.co.uk - February 11th, 2017 [February 11th, 2017]
- Technology identifying fastest checkout lanes comes to metro - KCCI Des Moines - February 11th, 2017 [February 11th, 2017]
- This Technology Could Be a Game-Changer for the Marijuana Industry - Fox Business - February 11th, 2017 [February 11th, 2017]
- Editorial: Higher education and technology are job creators, so why is the governor cutting their funding? - STLtoday.com - February 12th, 2017 [February 12th, 2017]
- BLAEDC: Entrepreneurs find a technology-friendly home in the Brainerd lakes area - Brainerd Dispatch - February 12th, 2017 [February 12th, 2017]
- Small cell technology is large endeavor for state - Crain's Cleveland Business - February 12th, 2017 [February 12th, 2017]
- Eye tracking technology will change these 4 domains - The Next Web - February 12th, 2017 [February 12th, 2017]
- The technology fixing Britain's parking problem - The Independent - February 12th, 2017 [February 12th, 2017]
- Tim Cook: Augmented Reality is as big of a technology as the smartphone - BGR - February 12th, 2017 [February 12th, 2017]
- How technology is encouraging society to be stupid - The Next Web - February 12th, 2017 [February 12th, 2017]
- IBM Adds Voice Help to Cybercrime-Fighting Watson-Powered Weaponry - Campus Technology - February 13th, 2017 [February 13th, 2017]
- Market Higher As 4 Key Steel, Technology Stocks Top Buy Points - Investor's Business Daily - February 13th, 2017 [February 13th, 2017]
- A look at North Korea's missile launches and technology - ABC News - February 13th, 2017 [February 13th, 2017]
- The CFO Imperative: Next-Gen Technology Drives Cost Optimization - Knowledge@Wharton - February 13th, 2017 [February 13th, 2017]
- Technology puts 'touch' into long-distance relationships - Phys.Org - February 13th, 2017 [February 13th, 2017]
- A New Angel Investing Platform Connects Deep Technology And Science Startups With Capital - Forbes - February 13th, 2017 [February 13th, 2017]
- Formula 1 now capable of 'internet' broadcasts with new technology - autosport.com - February 14th, 2017 [February 14th, 2017]
- How dangerous is technology? - OUPblog (blog) - February 14th, 2017 [February 14th, 2017]
- Apple's Eddy Cue says technology companies have a responsibility to combat fake news - Recode - February 14th, 2017 [February 14th, 2017]
- Valentine's day: what's your secret technology crush? - Naked Security - February 14th, 2017 [February 14th, 2017]
- Parents and technology How much is too much? - WGBA-TV - February 14th, 2017 [February 14th, 2017]
- Is Magic Leap Lying About Its Acid Trip Technology? - Vanity Fair - February 14th, 2017 [February 14th, 2017]
- BYU-Idaho dedicates and showcases new Science and Technology Center - LocalNews8.com - February 15th, 2017 [February 15th, 2017]
- Even Indian technology entrepreneurs think they are living in a ... - Quartz - February 15th, 2017 [February 15th, 2017]
- 3 tips for regulating our kids' technology use - The Herald-Times (subscription) - February 15th, 2017 [February 15th, 2017]
- Don Cunningham column: Technology giveth, and it taketh away - Allentown Morning Call - February 15th, 2017 [February 15th, 2017]
- Warren Buffett's Increasing Passion For Apple And Technology - Forbes - February 15th, 2017 [February 15th, 2017]
- DNA technology gives new face to decade-old cold case - The San Diego Union-Tribune - February 15th, 2017 [February 15th, 2017]
- Can Technology Really Solve China's Healthcare Crisis? - Forbes - Forbes - February 15th, 2017 [February 15th, 2017]
- Emerging technology is keyword: Demand for experts in robotics & big data up 50% - Economic Times - February 16th, 2017 [February 16th, 2017]
- Five technologies that will change how we live - Financial Times - February 16th, 2017 [February 16th, 2017]
- Football League agrees to use goalline technology in Championship - The Guardian - February 16th, 2017 [February 16th, 2017]
- Telecom operators navigate three technology transformation options - TechTarget - February 16th, 2017 [February 16th, 2017]