Bitdefender announced
Bitdefender Offensive Services,
a new offering designed to proactively assess, identify, and remediate
security gaps in an organization's environment (on premises, cloud,
hybrid) through penetration testing and red team simulated attacks.
In an independent global survey
of 400 IT and cybersecurity professionals, more than half (52%) of
businesses surveyed suffered a data leak or breach in the last 12
months. When asked about the security threats that pose the greatest
concern, respondents indicated they are most concerned about software
vulnerabilities and/or zero-days threats (53%). These findings correlate
with Bitdefender Labs' research that shows a marked increase of
cybercriminals exploiting known software vulnerabilities using proof of concept (PoC) attacks.
Bitdefender Offensive Services bolster the company's managed detection and response
(MDR) portfolio and provide organizations with a proactive means to
fortify environments, reduce risk, and meet regulatory/compliance
mandates such as SOC 2, HIPAA, GLBA, FISMA, PCI-DSS, NIS2 and ISO 27001
as the threat landscape evolves. The services are led by its elite team
of cybersecurity analysts, researchers, threat hunters, and
CREST-accredited ethical hackers enhanced by the Bitdefender Global Protective Network, an extensive network of hundreds of millions of sensors continuously collecting threat data worldwide.
Additionally, Bitdefender's new services support organizations adopting
Continuous Threat Exposure Management (CTEM), a cybersecurity process
that employs controlled attack simulations for identifying and
mitigating threats to networks, systems, and supply chain environments.
This allows stress testing security posture and identifying
vulnerabilities before they are exploited by real attackers.
About Bitdefender Offensive Services
-
Bitdefender penetration testing service -- is tailored for
each organization based on multiple factors including industry type,
operational infrastructure, software adoption, and perceived risk. The
ethical hacking team performs a vulnerability assessment to identify
security weaknesses of systems covering networks, applications, mobile
devices and more. Weaknesses found are used to conduct authorized
simulated cyberattacks, testing the organization's cybersecurity
defenses and controls such as user authorization, authentication, and
integrity against industry standards. An in-depth report is delivered to
help remediate security gaps, educate on potential consequences had the
attack been real, and strengthen overall security posture.
-
Bitdefender red teaming service -- is a human-led,
intelligence-driven exercise that simulates real-world threat actors
including advanced persistent threats (ATPs) to demonstrate how
attackers would attempt to compromise critical functions and underlying
systems of an organization. In contrast to penetration testing, red
teaming is objective-based, open-scoped, and executed covertly during a
longer window of time to assess an organization's total cybersecurity
ecosystem covering people, processes and technologies. The attacks are
guided by the Techniques, Tactics and Procedures (TTPs) of the MITRE
ATT&CK Framework to mimic adversarial behaviors using specific
attack methods including social engineering, customized tools and
malware, post-breach lateral movement and more. The Bitdefender red team
improves an organization's ability to detect and respond to attacks and
be more cyber resilient should an incident occur.
According to the Gartner Top Trends in Cybersecurity 2023 report, "By
2026, organizations prioritizing their cybersecurity investments via a
continuous threat exposure management (CTEM) program will suffer
two-thirds fewer breaches."
"As malware, vulnerability exploits, phishing and other attacks continue
to escalate and evolve, organizations that take proactive measures to
cybersecurity and its continuous improvement will be vastly more
secure," said Andrei Florescu, deputy general manager and senior vice
president of products, Bitdefender Business Solutions Group. "With the
addition of Bitdefender Offensive Services to our world-class MDR
offering, businesses have a straightforward approach for improving
security posture and having critical elements of their security
operations spearheaded by a highly talented team of practitioners."