Cymulate Continuous Automated Red Teaming

Mã sản phẩm:

Mô tả: Automated Testing to Validate Attack Paths for Repeatable & Scalable Assessments

Chi tiết sản phẩm

Cymulate Continuous Automated Red Teaming

Validate Attack Paths Across the Full Kill-Chain
Cymulate Continuous Automated Red Teaming (CART) provides cybersecurity teams a platform to increase operational efficiency and optimize their adversarial activities with production-safe methodologies. The implementation is easy, and the assessments can test any technique at any stage of the attack kill-chain independently – start with a well-crafted phishing email or begin from inside the network and move laterally in stealth, using a variety of exploits. The Cymulate CART solution supports automated testing for vulnerability validation, what-if scenario, targeted-, and custom-testing within a flexible framework for repeatable and scalable testing.

How it Works
Validate Attack Paths Across the Full Kill-Chain Cymulate CART simulates attacks that propagate within the network in search of critical information or assets. The solution is cloud-based and easily deployed with minimal installation and maintenance efforts. For some capabilities, customers only need to install one lightweight agent per environment to run assessments. The agent facilitates seamless communication between customer devices and the Cymulate platform, ensuring timely updates and efficient transfer of operational data.

Cymulate CART Capabilities
Network Pen Testing
The network penetration testing capability simulates an attacker that has gained an initial foothold by taking control of a single compromised workstation, moving laterally in search of any additional assets that can be compromised. It safely applies threat tactics and techniques to uncover infrastructure misconfigurations and security weaknesses, validating attack paths against security controls. This independent capability allows the organization to segregate network-level defenses from endpoint-level defenses for a more accurate analysis of both layers of controls. Continuous testing with the network penetration testing capability helps identify changes in IT infrastructure and network misconfigurations that may provide new avenues for lateral movement. At the end of the assessment, the system also cleans up after itself to remove any components that were distributed to other machines.

Each network penetration testing assessment produces a visualization of the attack path, including all the endpoints reached and the methods used, providing insight into the weaknesses in the network infrastructure.

Validate Security Against Advanced Persistent Threats
Cymulate CART includes the full kill-chain campaign capability to validate an organization’s security framework against real-world cyber attacks attempting to bypass security controls across the cyber kill-chain, from attack delivery to exploitation and post-exploitation. The full kill-chain capability begins with one or more production users interacting with targeted attack emails that pose no real risk to the organization. Once the recipient clicks and executes the payload, follows a link to download and run a payload, or performs other user actions to initiate the attack, production-safe code execution and defense evasion techniques challenge endpoint security resilience with ransomware, trojans, worms, advanced scenarios, or lateral movement. Each step of the attack and each technique used is controlled by the cybersecurity team and uses Cymulate code components to ensure safety.

The full kill-chain campaign assessment summary provides a graphical representation of the attack stages at the top of the screen. Each stage in the attack that was executed successfully is circled in red, and the stage that is circled in orange is the stage the attack was thwarted. The full kill-chain stages are also listed below, each row displaying the stage, its description, status, actions, and ATT&CK tags.

Evaluate Employee Security Awareness
The phishing awareness capability provides all the resources to create an internal phishing campaign and measure employee resilience against phishing attacks. Creating a customized assessment with Cymulate CART is quick and easy, and employee interactions with the mock phishing emails are automatically recorded, logging hazardous behaviors such as clicking links or entering credentials. These assessments identify employees needing additional phishing awareness training and highlight users who are not following proper policies and procedures.

Benefits of Continuous Automated Red Teaming