Spirent Communications announced the European preview of CyberFlood Data Breach Assessment, the first data breach validation solution based on emulation technology. The preview will take place at Black Hat Europe in London (December 5 and 6).
Unlike
simulation-based data breach validation tools that merely replay
traffic, Spirent's CyberFlood Data Breach Assessment solution accurately
assesses an organization's security posture by emulating hacker,
malware and attack behavior using stateful and realistic traffic
scenarios - including the actual malicious payloads seen in the real
world. This provides a holistic and hyper-realistic security evaluation
of an organization's networks and devices.
"Organizations
are looking to take proactive steps to strengthen their cybersecurity
defenses. The likelihood and stakes of a data breach, both in terms of
financial penalties and the impact on the company's reputation, are
simply too high," said David DeSanto, director of products and threat
research for Spirent. "CyberFlood Data Breach Assessment uses real-world
attacks and techniques that fully emulate realistic cybersecurity
scenarios, enabling organizations to fully assess their network
defenses, as well as identify and remediate weaknesses before they are
compromised."
Beyond Simulation with Data Breach Emulation
A study from
the Center for Strategic and International Studies estimates that
cybercrime costs the global economy $600 billion per year. With these
ever-growing costs, organizations need to be proactive, identifying weak
spots in their network defenses and fixing them or mitigating any risk
before an attacker can exploit them.
Network
security assessments that emulate real-world attacks as realistically
as possible are critical for determining where security needs to be
addressed and improved. Simulated attacks rely on replayed network
traffic and fake network activities. But many security solutions detect
and ignore simulated attacks with artificial network payloads, treating
them as false, non-malicious traffic and either allowing the traffic to
pass through or simply blocking it as invalid. Simulated attacks and
network traffic do not adequately validate an organization's ability to
defend against cyber-attacks.
Spirent
has amassed a formidable repository of real-world attack components,
including exploits, applications, and malware scenarios. This
repository-powered by Spirent TestCloud-combined
with analysis from Spirent's threat research team, Spirent
SecurityLabs, and its partnerships with the threat intelligence
community, enable Spirent to stay current on emerging attack tools,
techniques, and processes.
Attackers
exploit the weakest link in a network to gain access and then move
laterally to locate and compromise valuable resources such as
intellectual property and other sensitive company data. An effective
security assessment tool must function the same way.
CyberFlood
Data Breach Assessment can begin an attack or intrusion scenario in any
part of the network and pivot across multiple internal network segments
to provide a realistic attack scenario. It can be deployed with virtual
or cloud agents anywhere in an organization, including internal
networks, data centers, and private or public cloud infrastructures.
Hacking Demo and Presentation on Automated Purple Team Testing
In
addition to previews of the CyberFlood Data Breach Assessment solution
at Black Hat Europe, Spirent researcher and managing consultant
Aleksander Gorkowienko will demonstrate a simulated man-in-the-middle
attack on a city's infrastructure, hacking a control system for a city's
streetlights. The attack demonstration will take place at Spirent's
booth during exhibition hours, December 5 and 6.
David DeSanto will present a session titled "Automated Purple Team Testing - Leveraging Red vs Blue to Reduce Risk!" on
Wednesday, December 5. DeSanto will describe the need for a holistic,
automated solution operating within a live network to enable active
monitoring and automate ongoing evaluations, such as an automated Purple
Team assessment. The session will cover the purpose and value of
automated Purple Team assessments and describe how they can help
organizations ensure that their network defenses are always ready.