SimSpace platform enhancements help security teams validate their incident response operations
At RSA Conference 2022, SimSpace unveiled new updates to its cyber range, delivering an open platform for cybersecurity training and optimization to validate both incident response processes and security stacks.
The new enhancements allow customers to deploy fully-customizable high-fidelity ranges with increased coverage for cloud services, critical infrastructure, and operational technology (OT) and Internet of Things (IoT) devices. SimSpace has further expanded its capabilities with a full battery of automated attacks, enhanced training content and emerging threat intelligence from SimSpace and leading partners, including Mandiant, Cymulate and others.
“CISOs are under increasing pressure to improve their security posture, reduce risk and optimize their security investments – all while facing the most challenging cyber staffing environment in modern history,” said William Hutchison, CEO and cofounder, SimSpace. “It’s essential for CISOs to build the confidence that their teams are prepared and well-trained to face cyber attacks. That’s why we’re proud to deliver an open platform that provides the live-fire exercises, team training and the necessary hands-on experience to validate their incident response playbooks against a variety of attack vectors: insider threats, known APTs and nation-state threat actors.”
The Open Cyber Range platform
According to Gartner, IT security organizations are overwhelmed trying to keep ahead of new attacks while also deploying and maintaining the latest security tools. Moreover, teams are struggling to enable the tools and software-defined strategies to make automated and dynamic security decisions.
To address these challenges, organizations are shifting toward a Cybersecurity Mesh Architecture (CSMA) to leverage data and intelligence from multiple security tools and enterprise data sources. Without single vendors providing complete CSMA solutions, organizations need a way to test the interoperability of point products and APIs to create an intelligent security layer before it is deployed.
The recent updates to the SimSpace Cyber Range platform help security teams validate their incident response operations on CSMA and more traditional architectures. As an open platform, SimSpace has expanded its library of open-source and commercial cybersecurity products, with added tools from FireEye, RSA NetWitness, Security Onion, Sentinel One, Splunk, Carbon Black, Cycognito, and Nessus, among others. As operators configure their systems, they can also test them against automated attack scenarios and map against the MITRE ATT&CK framework.
More machines, specialized environments and automated attacks
Improving upon the openness of the platform, SimSpace has also broadened coverage for industry-specific network topologies and templates, hybrid-cloud environments, as well as new IoT, ICS and SCADA devices as virtual devices or hardware in-the-loop. Users are able to quickly deploy more pre-built cyber ranges that model specific verticals including finance, local municipalities, healthcare, military as well as categories of critical infrastructure such as pipelines, telecommunications, energy and ports. SimSpace has also increased the number of automated attacks to include a full spectrum of threat actors including:
- Insider threat scenarios.
- Nation-state actors from China, Iran, Russia, North Korea, India and more.
- Threat intelligence-based scenarios for known APT groups and associated TTPs.
Threat-intel cyber education to train and retain elite cyber talent
Within Skillwise, the SimSpace training platform, managers can now access real-time training status across individuals and create structured training plans for team members. Users have access to the largest graduate-level training content catalog, with over 700 hours of structured content, providing both offensive and defensive tactics, for a full understanding of vulnerabilities, exploits and remediation steps.
This includes modules for emerging threats like CurveBall, Dirty Pipe, Log4Shell, PrintNightmare, ProxyLogon, PwnKit, Zerologon and many more. SimSpace has also released a free Log4J training module to help defend against Log4J vulnerabilities and Log4shell exploits.
Live-fire exercises in a virtual cyber arena
SimSpace is launching Crucible Event Services. These lightweight and impactful team exercises allow organizations to deploy real cyberattacks in a simulated environment to safely and quickly develop baseline assessments of an organization’s readiness, while also measuring improvement over time. With Crucible Events, you can quickly build solid team relationships that would normally require years of experience to develop.
The SimSpace Cyber Range platform is trusted by organizations worldwide, including the US Department of Defense Persistent Cyber Training Environment (PCTE), the Department of Homeland Security, and five of the 15 largest financial institutions in North America.