Application Security

8/20/2018
10:20 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SafeBreach Extends Breach and Attack Simulation Platform

New Capabilities Expand Coverage from Email-to-Endpoint; Also Adds Enhanced Remediation Support and Board Level Risk Scoring

SUNNYVALE, CA – August 20, 2018 - SafeBreach, the leader in Breach and Attack Simulation (BAS), today announced a major new platform upgrade that extends best-in-class actionable security data with new classes of simulations to validate security controls, additional board-level metrics to drive prioritization, and new integrations to speed the process of remediation. Already able to simulate more than 3,600 attack methods, these new additions expand simulations further across the entire kill chain, from email infection to endpoint compromise - and all phases in between. Combined with a new Demisto integration partnership and board-level risk metrics, SafeBreach continues to set the pace for BAS innovation.

These new enhancements come during a time of strong momentum for SafeBreach, including recently completing a new round of funding and being awarded the first patents in the BAS market.

“Our customers tell us they chose SafeBreach because we have the most accurate, and broadest, set of attack simulations across the kill chain -- from email to endpoint,” said CEO and Co-Founder Guy Bejerano at SafeBreach. “While continuously simulating attacks is a critical part of any BAS solution, driving actionable results is always the real goal—from executive communication, to risk assessment, to control validation and technology investment and remediation. These new platform updates extend each of these areas so customers can ensure their teams, tools and budgets are aligned to get the most from their security.”

SafeBreach provides security teams the ability to safely validate their security controls against thousands of real world attacks. Unlike penetration testing or red team engagements, SafeBreach validates security controls continuously using more than 3,600 comprehensive hacker breach methods without risking or interfering with user, data or system activity. Security teams can discover and mitigate security gaps across their network, in the cloud or on their endpoints. SafeBreach correlates and analyzes the results of each breach scenario, provides visualization and detailed kill-chain analysis and recommends proactive remediation steps to improve the security posture of the environment.  The new capabilities advance the SafeBreach platform with:  

  • Enhanced Email and Ransomware Simulations—extended infiltration simulation classes of email-based attacks. As a result, organizations can identify additional misconfigurations or gaps in email security controls. SafeBreach has also enhanced ransomware simulations to include file encryption to further validate the efficacy of behavioral endpoint security controls.
  • New Board-Level Risk Metrics—a new data analytics layer now augments existing security insights with board-level visibility and metrics.  The new capabilities includes immediate assessment of risk against known attacks, as well as at-a-glance risk scoring and critical asset protection status for communication to executive stakeholders.
  • Expanded Remediation Support—a new integration partnership with Demisto further drives automated security remediation. This partnership adds to existing remediation integrations across both automation and orchestration with others like Phantom, ServiceNow and Jira.

 

About SafeBreach

SafeBreach is the leader in Breach and Attack Simulation. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes thousands of breach methods from an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, Draper Nexus, Hewlett Packard Pathfinder, PayPal, and investor Shlomo Kramer. For more information, visitwww.safebreach.com or follow on Twitter @SafeBreach.

 

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.