Cybersecurity: Beating Adversaries At Their Own Game
Cymulate’s breach and attack simulation platform
Northport, N.Y. – Nov. 18, 2020
Cybersecurity breaches, hijacked data, and million-dollar ransom demands are devastating businesses worldwide — despite decades of advances in cybersecurity technology.
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework identifies 14 tactics, 177 techniques, and 348 sub-techniques that advanced persistent threat (APT) actors use to strike enterprises in the Cyber Kill Chain.
Lockheed Martin’s Cyber Kill Chain framework represents that dark space where adversaries strategize relentless cyberattacks. From harvesting email addresses and delivering weaponized attacks to exploiting our vulnerabilities and manipulating victims to achieve malicious goals, intruders have developed sophisticated tactics, techniques, and procedures (TTPs).
Cybercriminals can execute a single technique in thousands of variations to infiltrate IT and security infrastructures and exfiltrate data, says Avihai Ben-Yossef, co-founder and CTO at Cymulate, an award-winning cybersecurity company with offices in Israel and the U.S.
Cybercrime TV: Avihai Ben-Yossef, co-founder & CTO at Cymulate
Simplicity equals security
Although the average business uses dozens of security solutions to combat cybercrime, CISOs and security teams struggle to safely integrate them with the increasingly complex infrastructures that introduce new vulnerabilities into our environments, says Gily Netzer, chief marketing officer at Cymulate.
We can no longer rely solely on periodic vulnerability assessments, traditional penetration tests, security patches, and restricted solutions to protect our assets and people.
Gartner urges security and risk management leaders to “confront the threat landscape based on a continuous assessment of threat and business evolutions.” This couldn’t be more true today as adversaries manipulate a thinly stretched cyber workforce during another COVID-19 surge to escalate the cybercrime epidemic.
Boardroom and C-suite executives are hearing Gartner’s warning. They’re realizing that they can’t measure security performance like other business processes. They need solutions that provide better visibility on the threat environment. Solutions that quickly automate security controls and processes.
Fortunately, there is a player on the cyberscape that’s empowering organizations to beat the adversary at its own game.
Meet Cymulate: a fully automated breach and attack simulation platform that provides end-to-end continuous security validation. Operating thousands of out-of-the-box real-life attack strategies, Cymulate reveals exactly where we are exposed, and it shows us how to fix our vulnerabilities.
The SaaS platform is mapped to the MITRE ATT&CK framework and Lockheed Martin’s Cyber Kill Chain. It prioritizes the most important TTPs and how they were implemented across the kill chain.
Its Immediate Threat Intelligence vector is staffed by security analysts around the clock and helps evaluate our security posture. The Full Kill-Chain APT module simulates full-scale attacks and provides a single-pane view of security gaps across the attacker’s arsenal. The Purple Team Simulation module allows highly skilled security pros to “go crazy” with its customizable open framework.
Cybercrime TV: Gily Netzer, Chief Marketing Officer at Cymulate
Addressing the cybersecurity skills shortage
“Users don’t need an offensive skillset to use the platform. Simply click on a button and you’re good to go,” says Ben-Yossef. “You’ll get results that your regular SOC analyst or security team member will understand and (they’ll) know what needs to be done.”
He compares Cymulate, which fully integrates with different concepts of cybersecurity controls, to a game between the blue team and red team. While the blue team analysts look at the controls that are supposed to funnel into a detection solution, the red team can actually show how the funnel is working, ultimately improving the analyst’s ability to detect a real-time attack.
Mapping to the MITRE ATT&CK framework also provides a common language for security leaders and their teams.
“We provide CISOs — and CIOs at smaller companies — the visibility and ability to quantify and establish KPIs on their security performance based on real-life attacks,” says Netzer. “This enables security leaders to make informed decisions and prioritize budgets.”
Unfortunately, new technologies will always introduce exploitable security gaps. But that’s okay because Cymulate will be there to light those gaps, says Ben-Yossef.
He shares Netzer’s perception that simplicity equals security. If it is not simple, then it will not be deployed. If it is simple, then you are secured.
Give Cymulate a test drive and tell us how simple it is.
– Eli Kirtman is a freelance writer based in Cincinnati, Ohio.