The new product features give security teams powerful capabilities to make sure they are patching the most important vulnerabilities first and can extend their security testing and stance to their growing cloud native infrastructure.
SUNNYVALE, CALIFORNIA – February 19 2020 – SafeBreach, the market leading Breach-and-Attack Simulation (BAS) platform, announced the release of two powerful new capabilities – Risk-Based Vulnerability Management integration and Cloud Native Container Security to address the most pressing problems facing SecOps and DevOps teams today. SecOps and vulnerability management teams are struggling to sort through thousands of potential remediations and patches to focus on those that pose the greatest business and security risk. At the same time, the adoption of containers and cloud-native infrastructure has elevated the importance of testing and validating security controls protecting private, public and hybrid clouds.
With these two new features, SafeBreach empowers security teams to focus on the right problems first, and give security teams the capabilities they have long sought to validate deployed controls against their fast-changing cloud native stacks.
Security teams today are literally drowning in vulnerability and risk remediation data. Tracking, analyzing and managing all this data manually is challenging, if not impossible. Patches are deployed based on risk scores supplied by vulnerability reports and security frameworks without regard for actual business risk.
For example, a vulnerability may be ranked as “medium risk” in the vulnerability report because it is not present on a critical asset, but it actually presents a very high risk to a business because it is present in systems which have easy access to critical assets and important data. At the same time, a vulnerability ranked as “high risk” may present a minimal risk because it is already blocked by an IPS which is protecting the vulnerable assets and hence there is a very small chance for it to be exploited by an attacker. Without the ability to take into account security controls in the organization, security teams waste time applying the patches against low-risk vulnerabilities and focusing on fixing security control gaps that are not mission critical.
At the same time, vulnerabilities that could result in serious breaches and high monetary damages are left ignored. This exposes organizations to a greater potential for serious breaches and security incidents, as well as compliance and audit failures. Poorly designed remediation strategies can also result in unnecessary downtime, which impacts customer satisfaction and may violate SLAs, triggering costly penalties.
SafeBreach Risk-Based Vulnerability Management Prioritizes What To Fix First
To solve this problem, SafeBreach’s new Risk-Based Vulnerability Management module, combines attack simulation data against both hosts and networks with vulnerability scan results and scores them against risk criteria to generate a comprehensive vulnerability management prioritization plan that takes the guesswork out of patching. The risk criteria are defined by the customer team managing SafeBreach, enabling businesses to customize fine-grained risk postures that map precisely to security stance and vulnerability management. The risk plan is easy to read and makes remediation planning accessible to risk managers not well versed in the security jargon and structure of CVEs and technical reports.
“When we talked to CISOs, CIOs and security team leads, they made very clear that prioritization and understanding of risks was their most painful problem. They were constantly worried that they were not patching the most important vulnerabilities or remediating the biggest risks to their business, because their security control strategy is not taken into account.” says Yotam Ben Ezra, VP Products at SafeBreach. “With SafeBreach Risk-Based Vulnerability Management prioritization, security teams can be sure that they are concentrating on the patches that matter the most, every day, all the time.”
According to Gartner research, “Vulnerability assessment buyers are shifting from tools that only identify vulnerabilities, to those that proactively assess and manage the risks posed by those weaknesses. This is primarily being addressed by new vendors offering vendor-agnostic products, prompting companies offering solutions to update their offerings.”
Drop-In BAS For Cloud Native Applications Running in Containers
As the global infrastructure has rapidly migrated to the cloud, the need for solutions to validate the security controls of container-based infrastructure has grown exponentially. This gap is made more critical by the tendency of development teams to make many more code pushes to update cloud-native applications and infrastructure as compared to legacy infrastructures. In addition, the ephemeral nature of cloud native infrastructure and applications makes it challenging to secure. Not surprisingly, malicious hackers have started to focus on virtual infrastructure as a target-rich environment for new exploits.
The new Cloud Native Container Security capabilities of SafeBreach extend full BAS coverage via a new Docker simulator to security teams managing container-based infrastructures deploying Docker, the most widely used container software stack. These teams increasingly play a role in the security stance for cloud native deployments where modern Developer Operations (DevOps) practices use Continuous Integration / Continuous Deployment (CI/CD) to rapidly iterate and ship new code. This reality means a constantly shifting attack surface, making continuous testing and validation even more critical to security hygiene.
SafeBreach simulates a growing list of attacks against the Docker data plane, network and API, including attacks involving process injection; rogue applications, system changes and lateral movement from container to container. The SafeBreach BAS now contains Docker-based attack techniques drawn from the company’s Hacker’s Playbook, the largest collection of breach methods on the market today.
“More and more of our customers are moving critical systems and applications into the cloud, where they face new risks and challenges to ensuring that their security posture and controls can block next-generation attacks on containers,” says Yotam Ben Ezra, VP Products, SafeBreach . “With our new Cloud and Container Security features, their security teams can easily extend their BAS coverage to encompass all types of virtual infrastructure and keep up with the rapid pace of deployments that make cloud native environments so dynamic and difficult to defend.”
Built by a team of cybersecurity experts and hackers with decades of experience on the front lines of information security and cyberwarfare, SafeBreach is designed to empower SecOps teams to optimize their controls and configurations on a continuous basis to ensure all networks and hosts are as secure as possible. SafeBreach BAS makes it simple for users to simulate attacks customized to match any infrastructure footprint, visualize weaknesses in their security controls, and holistically remediate gaps and vulnerabilities to provide the best possible security posture. Leveraging an intuitive visualization system and heatmaps found in the widely used MITRE ATT&CK framework, SafeBreach provides easy-to-understand, intelligent guidance on which security gaps to prioritize for remediation based on business risk, and clear remediation steps. Only SafeBreach offers an industry-leading SLA that promises the addition of new vulnerabilities to its attack simulation library within 48 hours of disclosure.
SafeBreach maintains the largest list of attack tactics, techniques and procedures, giving SafeBreach BAS users the broadest and most up-to-date cybersecurity attack simulation coverage on the market today. Thousands of controlled, safe forms of real cyber attacks are available as part of the SafeBreach Hacker’s Playbook(™). With 10,000+ breach and attack methods, this playbook is the largest in the industry based on actual attacks, active investigations and cutting-edge research. With the new product capabilities for Risk-Based Vulnerability Management and Cloud Native Security for Docker container attack simulations, SafeBreach continues to deliver bleeding-edge capabilities to help SecOps and Vulnerability Management teams stay ahead of attackers and optimize their security postures.
SafeBreach is a leader in breach and attack simulation. The company’s groundbreaking patented platform provides a “hacker’s view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve security operations center (SOC) analyst response. SafeBreach automatically executes thousands of breach methods from its extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow us on Twitter @SafeBreach.