Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:00 PM
Dark Reading
Dark Reading
Products and Releases

SafeBreach Arms Defenders with the Hackers Playbook

Innovation in Breach Validation Identifies and Closes Attack Paths Before Exploitation; Company to be Featured in RSA Conference 2016 Innovation Sandbox

MENLO PARK, CA –January 26, 2016 – SafeBreach, a leading innovator of enterprise breach validation, today officially announced the company and the general availability of its platform. Founded by former LivePerson CSO Guy Bejerano and renowned security researcher Itzik Kotler, SafeBreach enables any size organization to precisely and continuously quantify the risk of breaches from specific attack scenarios, harden infrastructure, and achieve greater ROI from current security investments. Recognizing its innovation, the company will be featured as one of the Top 10 Finalists in the Innovation Sandbox ‘Most Innovative Startup’ Contest at the RSA Conference 2016, taking place on February 29, 2016 at the Moscone Center in San Francisco.   

Despite nearly $70 billion in security investment, organizations continue to be besieged by attacks, pummeled by breaches and mired in cleaning up the aftermath. The 2015 Verizon DBIR report highlights that in 60 percent of breaches, attackers were able to compromise organizations within minutes, and these breaches remain undiscovered for weeks and/or months. While innovation abounds in security solutions, it also expands the universe of product and services an organization must maintain and manage. Adding to that, the constant updating, patching and testing of software and infrastructure and it creates too many holes to plug, with too few people and too little time.

Recognizing these challenges, SafeBreach has delivered a platform to better inform defense, one that looks at how a potential attacker views, prioritizes and targets an infrastructure and then how they reach their ultimate target. SafeBreach’s breach validation platform continuously executes scenarios—based on extensive security research and drawing from actual investigations—to simulate real attacks and determine actual risk.

“As we move from perimeter defense to borderless security, I love that SafeBreach can be the ‘ubiquity platform’ running at every segment of my data center. These are not just ‘war games’ we are playing; this is removing the blindfold and really identifying our blind spots,” said Nir Botzer, CISO at Clarizen.

With customers spanning highly targeted sectors such as high-tech, financial services and retail, early SafeBreach deployments found a range of causes that left all organizations of all sizes open to data exfiltration with relative ease. Ignoring common security best practices and lack of layered defenses were major reasons behind successful compromise. Additionally, in many cases, extremely effective, next generation security solutions were rendered weak by IT misconfiguration. In one particular deployment, errors allowed SafeBreach to bypass malware sandboxing solutions in less than two hours.

Unlike static penetration testing or vulnerability management that look for, and at, specific weaknesses, SafeBreach’s platform looks at vulnerabilities and weaknesses in the context of the systems they inhabit and the network relationships they affect, to see how an actual attack could play out—and how far it could go. By doing so, it allows organizations to more intelligently make adjustments and enact fixes to not only close holes in the infrastructure but disrupt and disable paths that could enable greater compromise.


SafeBreach customers benefit from:

  • Continuous Validation – Configured to run cyberwar games for continuous validation. SafeBreach is “always on” to keep pace not only with evolving adversarial tactics but also a constantly changing risk profile from new users, applications and devices.
  • Actionable Insights – Offers CISOs and security analysts context-rich details of the building blocks that could create a breach event, specific to an organization’s environment. This informs more specific and targeted actions to prevent or mitigate impact.  
  • Complete Coverage – Comprehensive visibility and validation across cloud, network and endpoints. SafeBreach can also be used to validate security and compliance controls for data protection, segmentation between security zones/networks and third party integration.


“Companies don’t need to understand adversaries as much as they need to understand how adversaries view them,” commented Bejerano. “SafeBreach allows CISOs and security analysts to understand their risks from a hacker’s point-of-view. For the first time, we give defenders a way to validate their security controls and the benefit of time to address critical issues.”

Availability and Pricing

The SafeBreach platform is available immediately as Software as a Service (SaaS) or on premise, with pricing based on the number of simulators. In a SafeBreach deployment, breach simulators perform the role of the attacker and play war games within an organization’s actual infrastructure and security solutions—without impacting network performance or exposing assets. The SafeBreach orchestrator manages the network of breach simulators and serves as the central management point from which attack scenarios are executed and analyzed for success, and from which patterns can be tracked over time.

For a free assessment of enterprise security risks, please register at www.safebreach.com.



Funded by Sequoia Capital and Shlomo Kramer, SafeBreach is a pioneer in the emerging category of breach validation. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture for total and continuous security assessment, validation and reporting. SafeBreach automatically executes breach methods with an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.


Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-05-13
Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. A read of uninitialized memory was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying th...
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3.
PUBLISHED: 2021-05-13
An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for server-to-server authentication. It does not correctly authenticate remote server certificates, allowing a remote server to impersonate another serv...
PUBLISHED: 2021-05-13
Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.