Using the AttackIQ Security Optimisation Platform with the Mitre Att&ck framework, AttackIQ says mutual customers can now leverage the power of automation to emulate realistic attacks and prove that controls are working as expected to help protect them from breaches and attacks.
“As we have seen from supply-chain and ransomware intrusions, organisations need to assume breach and adopt advanced security capabilities to prevent successful attacks,” notes Carl Wright, AttackIQ chief commercial officer. “VMware is excited to work with the VMware team to elevate our mutual customer’s security program performance.”
“While traditional penetration testing and red teaming can provide useful insights into security control effectiveness, their infrequent scheduling and limited scope fail to provide holistic, up-to-the minute data during security proof of values,” says Chad Skipper, VMWare global security technologist. “AttackIQ will enable VMware NSX customers to validate NSX Advanced Threat Prevention controls against emulated adversary behaviours, with the end result being increased confidence in their cybersecurity performance.”
AttackIQ conducts automated security testing to improve program performance
AttackIQ operates under the assume breach mindset, recognising it is not a question of if but when an intruder will break past an organisation’s perimeter defence.
Aligned to the Mitre Att&ck framework, AttackIQ’s Security Optimisation platform contains a deep library of adversary emulation scenarios to emulate post-breach adversary behaviours and validate an organisation’s defences. The Security Optimization Platform tests and validates security controls continuously, safely, at scale and in production.
By combining AttackIQ with VMware NSX, teams are said to gain comprehensive data-driven control over their security program through continuous testing. With clear performance data generated from AttackIQ’s automated testing capabilities, security teams identify program challenges, adjust their security program operations, and make data-informed decisions about their security investments.
The outcome: the organisation’s security controls work as intended, resources are aligned to address the most important threats, and the organisation will be able to maximise its return of investment.
AttackIQ says VMware simplifies network security by leveraging the infrastructure to protect apps and data from endpoint to cloud. By virtualising the network security stack, companies are said to gain better protection built into the infrastructure to help mitigate risks and enable compliance, lower costs, and simplify operations.
The VMware NSX security family includes the VMware NSX Service-defined Firewall, a distributed, scale-out internal firewall purpose-built to protect east-west network traffic, and VMware NSX Advanced Threat Prevention for network detection and response capabilities with network traffic analysis, distributed IDS/IPS, and advanced malware analysis.
These solutions, AttackIQ says, provide deep visibility into network traffic regardless of whether it is north-south or east-west and are coupled with advanced machine learning techniques. As a result, cybersecurity teams can respond to advanced threats by providing alerts with a very low rate of false positives, plus visualise the entire attack chain.