Vendor: XM Cyber
Price: Yearly license based on net- work size.
What it does: Leverages simulations with Purple Team functionality to continuously expose all attack vectors and provide security teams with prioritized remediations.
What we liked: Simulations that can be replayed for step-by-step analysis, the beautifully designed interface and the different methods of visualizing attack paths (particularly the Battleground Screen).
HaXM is a fully automated
APT simulation platform with Purple Team functionality that continuously
exposes all attack vectors from the perspective of an attacker, assisting
security teams in staying ahead of threats with ongoing prioritized
XM Cyber sees the breach
and attack simulation sector as broken into two types of products: those that
serve as security control validation products and those that conduct automated
pen testing. HaXM sits somewhere in between the two, providing a more holistic
perspective of an attack surface and how an attacker could travel from a breach
point, prioritizing remediations and offering up actionable mitigation
suggestions. By mimicking the behaviors of a real hacker, HaXM continuously
looks at a network from an adversarial viewpoint in a way that is fully secure
The solution records every
simulation the system runs. They can be replayed to see what unfolded step by
step to understand how an attacker might behave in a network. The adversarial
perspective is displayed in the Battleground Screen which shows the paths a
virtual attacker used to travel all the way from a breach point to a critical asset.
A pane on the screen shows where the movements took place, when, what happened
and which users were compromised.
Being able to safely,
accurately and continuously test a network to gain visibility into attack
vectors is only half the battle. HaXM closes the gap to remediation with a
report that’s generated after a simulation. Using this report, analysts can see
how much of the network and assets were compromised, how long it took the
system to execute and the Asset Findings.
The Asset Findings show everything
that helped an attack traverse from a breach point to critical assets. Analysts
can drill into the findings for more granular information – each contains a
remediation section with suggestions like best practices for what needs to be
done to better protect assets as well as actionable advice with remediation
options that have been tailored to your environment.
Over the past year, XM
Cyber has added many capabilities to HaXM, including a MacOS agent, the ability
to add security controls for testing to see how security controls are reacting
and the ability to see multiple attack vectors. Being able to see more attack
paths improves prioritization. Analysts can use the reports to see multiple
attack vectors, not just the vectors most likely to be taken. More
capabilities, including cloud-based attack simulations, are on the horizon, XM
Cyber tells us.
identifies attack vectors to target assets and prioritizes actionable
remediation so companies can optimize their resources and reduce IT hygiene
risk. The product’s functionality and beautiful, intuitive interface make it a
worthy contender in this emerging space.
price varies based on network size. Premium and Standard Support are offered on
at four levels of severity, each with different response times.
Tested by Matthew Hreben