AttackIQ platform automates the validation of AI and ML-based security technologies
AttackIQ announced a series of technology innovations to the AttackIQ Informed Defense Architecture (AIDA) that allow cybersecurity teams to better test their people, processes, and defensive technologies against advanced, multi-stage attack campaigns.
AttackIQ now offers adversary emulation architecture built to test artificial intelligence (AI) and machine learning (ML)-based cyberdefense technologies in production, while emulating comprehensive, multi-stage attacks.
The cybersecurity industry’s adoption of ML and AI-enabled defense capabilities has improved the world’s security posture against advanced persistent threats.
According to Gartner, organizational deployment of these technologies has nearly doubled in the past two years. Yet even the best technologies, the best personnel, and the best processes do not always perform as intended.
The most advanced cyberdefense capabilities still need to be constantly tested and validated to ensure they work as expected.
With the latest innovations to its architecture, AttackIQ helps chief information security offices (CISOs) simplify the process of evaluating security control performance across distributed environments and accelerate the move from a reactive security program to a strategic, threat-informed defense program with an automated platform, fully aligned to the MITRE ATT&CK framework.
“To keep up with the onslaught of new attacks, security programs must evolve from reactive and siloed to proactive and collaborative. Our approach is to leverage a threat-informed defense and purple team strategy across our cybersecurity and risk organization, so we have continuous fidelity on how our people, processes, and technologies are performing to protect our customers and our data,” said Paul Haywood, CISO of BUPA.
“To validate cybersecurity effectiveness against real-world threats, organizations need a platform that can emulate the adversary with specificity and realism at every step in the cyberattack process, which is no small feat,” said Brett Galloway, CEO of AttackIQ.
“We’ve developed a futureproof series of technology innovations in our kill chain testing that accounts for individual tasks and mimics human adversarial behavior.
“Now, organizations that are leveraging AI and ML control and detection systems can test their systems with a full-scale, automated platform across the entire kill chain with point-and-click ease of use that’s also completely aligned to MITRE ATT&CK.”
Updates to the AttackIQ Informed Defense Architecture include:
- The Anatomic Engine makes it easy for operators of all skill levels to create complex adversary attack graphs (or attack flows) that are purpose built for emulating attacker patterns. Enumerating complete kill-chain sequences in this manner provides high-level efficacy when testing modern ML and AI based security controls.
- AttackIQ’s Network Control Validation Module combines a new comprehensive network topology map with adversarial attack replays. This helps organizations rapidly exercise the end-to-end validation of network-deployed security controls and gives technology-specific remediation guidance, ensuring that customers get the most out of their cyberdefense investments.
- The AttackIQ Hosted Agent simplifies the process of deploying the AttackIQ Security Optimization Platform, improving the customer experience by providing a managed, external source and target, making it much simpler to emulate advanced adversary behaviors.
With these platform innovations, AttackIQ customers will improve their cyberdefense effectiveness in a number of ways. AttackIQ’s Anatomic Engine combines atomic testing capabilities with the most comprehensive adversary emulation capabilities available on the market.
By chaining attacks together in a graph, the Anatomic Engine allows organizations in a user interface to measure their defenses against a series of attacker patterns. With the AttackIQ Network Control Validation Module, customers who use next-generation firewalls and other AI and ML-based defense technologies can operate with increased confidence in their network security effectiveness.
Lastly, with hosted agent innovations, the AttackIQ Security Optimization Platform deploys with greater ease, freeing up the security team’s time and energy for other matters. The net result is an overall increase in security program ease of use and effectiveness.
“Companies across the globe are experiencing unprecedented levels of large-scale, multi-vector cyber-attacks. Businesses need to adopt advanced cyber defense technologies to protect high-value assets and test their cybersecurity capabilities.
“By incorporating AI into our unified, multi-layered security architecture, Check Point Software Technologies provides an intelligent system that not only detects, but actively prevents against advanced attacks.
“We are proud to be a member of AttackIQ’s Preactive Security Exchange (PSE), and partner with their Network Control Validation module to help ensure customers are protected against the latest fifth-generation of cyber attacks,” said Jason Min, Head of Business Development at Check Point Software Technologies.