Guardicore
unveiled new Zero Trust assessment capabilities in Infection Monkey, its
open source breach and attack simulation tool. Available immediately,
the new capabilities let security professionals conduct Zero Trust
assessments of Amazon Web Services (AWS) environments to help identify
the potential gaps in an organization's AWS security posture that can
put data at risk.
Infection Monkey is an open-source Breach and Attack Simulation (BAS) tool developed and maintained by Guardicore Labs.
Designed to be 100% safe for production environments, the tool helps IT
security teams assess their organization's resiliency to unauthorized
lateral movement both on-premises and in the cloud. Infection Monkey
enables organizations to see the network through the eyes of a
knowledgeable attacker - highlighting the exploits, vulnerabilities and
pathways they are most likely to use in your environment.
New features of the latest Infection Monkey release include:
- Zero Trust Maturity Assessment in AWS: New integrations with Scout Suite,
an open source multi-cloud security auditing tool, enable Infection
Monkey to run Zero Trust assessments of AWS environments. Infection
Monkey highlights the potential security issues and risks in cloud
infrastructure, identifying the potential gaps in AWS security posture.
Infection Monkey presents actionable recommendations and risks within
the context of the Zero Trust framework's key components established by
Forrester.
- Expanded MITRE ATT&CK Techniques:
Infection Monkey applies the latest MITRE ATT&CK techniques to its
simulations to help organizations harden their systems against the
latest threats and attack techniques. The four newest ATT&CK
techniques the Infection Monkey can equip are:
  - Signed script proxy execution (T1216)
  - Account discovery (T1087)
  - Indicator removal on host: timestomp (T1099)
  - Clear command history (T1146)
- Critical Exploit Assessment:
Despite patches being issued, organizations are still susceptible to
powerful new vulnerabilities that threat actors continue to exploit.
Infection Monkey is now able to test infrastructure resiliency to new
remote code execution vulnerabilities, including CVE-2020-1472 (Zerologon) and CVE-2019-6340, which affects Drupal Core.
"The
accelerated adoption of cloud workloads has elevated the risk of data
being exposed either by external threat actors, or by internal
vulnerabilities such as poor access control and misconfigurations.
Securing this sensitive information requires a shared model of
responsibility, where organizations are enforcing Zero Trust frameworks
on their cloud workloads," said Ofri Ziv, VP Research, Guardicore. "The
new version of Infection Monkey is one of the first tools that allows
Zero Trust assessment of public cloud workloads. Today, companies
migrating to AWS environments can do so securely and confidently, using
Infection Monkey to rapidly identify the hidden vulnerabilities before
they're exploited."
To download the latest version of Infection Monkey, please visit: https://www.guardicore.com/infectionmonkey/index.html#top.