In November 2015, during the RSA Conference in Europe, Amit Yoran President of RSA and former cybersecurity director at the U.S. Department of Homeland Security proclaimed “Infosec is fundamentally broken.” He said, “Infosec is an industry that wastes billions of dollars on firewalls and policing network perimeters, things that “make us feel safe” but don't address real problems. Look at the major breaches of recent memory and you will find companies that were attacked despite using next-generation firewalls and high-level software that, for all their cost and promise, allowed massive, embarrassing and harmful breaches.”
How do you know that the controls you have implemented are performing their functions properly? How do you know that your antivirus software, firewall, or any other security solution will block the threats?
Testing your Security Devices with AttackIQ FireDrill platform
FireDrillTM can be easily integrated into an existing network to identify security gaps and provide actionable insight to improve your security posture. FireDrill is cloud-based, requiring no bulky hardware or significant resources from your company’s infrastructure. On-premises deployments are possible if required by your organization.
Passive, lightweight agents are the sensors of the FireDrill platform. They receive and execute your selected scenarios and facilitate your live security testing.
FireDrill’s flexible deployment model allows you to strategically place agents as needed, adding or reducing the number of agents from month-to-month to allow for the most effective testing. All major operating systems are supported: Windows, Linux, OS X
FireDrill is backed by industry-leading security researchers who collect intelligence and analyse current attack techniques, tactics, and procedures to create comprehensive test scenarios.
Scenarios are used to test controls, validate security posture, and instrument your environment. They consist of behaviours that execute unwanted behaviour or mimic real world malicious activity. By testing these things, you can confirm your protective and detective controls are functioning as designed. Scenarios can be run on-demand or on automated schedules to continually challenge your security infrastructure.
Out of the box, FireDrill comes with an inventory of common scenarios from global expert individuals and organizations. We continually create and curate an ever-growing library of scenarios to address emerging threats, sourced both from AttackIQ experts and the security community at large. AttackIQ also offers custom scenario development services to address specific concerns.
Threat Intelligence Data Replay
People and Processes
If a scenario fails, security teams are notified in real-time through custom reporting and alerts, or through a company’s existing SIEM technology and workflow.
FireDrill reports provide repeatable metrics and detailed actions you can take to strengthen your overall security posture. FireDrill’s real-time dashboard and results give you automated, accurate, repeatable validation of your live IT security infrastructure, allowing you to:
FireDrill comes with a library of comprehensive reports that provide precise assessment of your current live IT security infrastructure’s ability to protect against an attack.
Security Assessment Report
Security Technology Report
Product Comparison Report