Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


02:00 PM
Dark Reading
Dark Reading
Products and Releases

SafeBreach Arms Defenders with the Hackers Playbook

Innovation in Breach Validation Identifies and Closes Attack Paths Before Exploitation; Company to be Featured in RSA Conference 2016 Innovation Sandbox

MENLO PARK, CA –January 26, 2016 – SafeBreach, a leading innovator of enterprise breach validation, today officially announced the company and the general availability of its platform. Founded by former LivePerson CSO Guy Bejerano and renowned security researcher Itzik Kotler, SafeBreach enables any size organization to precisely and continuously quantify the risk of breaches from specific attack scenarios, harden infrastructure, and achieve greater ROI from current security investments. Recognizing its innovation, the company will be featured as one of the Top 10 Finalists in the Innovation Sandbox ‘Most Innovative Startup’ Contest at the RSA Conference 2016, taking place on February 29, 2016 at the Moscone Center in San Francisco.   

Despite nearly $70 billion in security investment, organizations continue to be besieged by attacks, pummeled by breaches and mired in cleaning up the aftermath. The 2015 Verizon DBIR report highlights that in 60 percent of breaches, attackers were able to compromise organizations within minutes, and these breaches remain undiscovered for weeks and/or months. While innovation abounds in security solutions, it also expands the universe of product and services an organization must maintain and manage. Adding to that, the constant updating, patching and testing of software and infrastructure and it creates too many holes to plug, with too few people and too little time.

Recognizing these challenges, SafeBreach has delivered a platform to better inform defense, one that looks at how a potential attacker views, prioritizes and targets an infrastructure and then how they reach their ultimate target. SafeBreach’s breach validation platform continuously executes scenarios—based on extensive security research and drawing from actual investigations—to simulate real attacks and determine actual risk.

“As we move from perimeter defense to borderless security, I love that SafeBreach can be the ‘ubiquity platform’ running at every segment of my data center. These are not just ‘war games’ we are playing; this is removing the blindfold and really identifying our blind spots,” said Nir Botzer, CISO at Clarizen.

With customers spanning highly targeted sectors such as high-tech, financial services and retail, early SafeBreach deployments found a range of causes that left all organizations of all sizes open to data exfiltration with relative ease. Ignoring common security best practices and lack of layered defenses were major reasons behind successful compromise. Additionally, in many cases, extremely effective, next generation security solutions were rendered weak by IT misconfiguration. In one particular deployment, errors allowed SafeBreach to bypass malware sandboxing solutions in less than two hours.

Unlike static penetration testing or vulnerability management that look for, and at, specific weaknesses, SafeBreach’s platform looks at vulnerabilities and weaknesses in the context of the systems they inhabit and the network relationships they affect, to see how an actual attack could play out—and how far it could go. By doing so, it allows organizations to more intelligently make adjustments and enact fixes to not only close holes in the infrastructure but disrupt and disable paths that could enable greater compromise.


SafeBreach customers benefit from:

  • Continuous Validation – Configured to run cyberwar games for continuous validation. SafeBreach is “always on” to keep pace not only with evolving adversarial tactics but also a constantly changing risk profile from new users, applications and devices.
  • Actionable Insights – Offers CISOs and security analysts context-rich details of the building blocks that could create a breach event, specific to an organization’s environment. This informs more specific and targeted actions to prevent or mitigate impact.  
  • Complete Coverage – Comprehensive visibility and validation across cloud, network and endpoints. SafeBreach can also be used to validate security and compliance controls for data protection, segmentation between security zones/networks and third party integration.


“Companies don’t need to understand adversaries as much as they need to understand how adversaries view them,” commented Bejerano. “SafeBreach allows CISOs and security analysts to understand their risks from a hacker’s point-of-view. For the first time, we give defenders a way to validate their security controls and the benefit of time to address critical issues.”

Availability and Pricing

The SafeBreach platform is available immediately as Software as a Service (SaaS) or on premise, with pricing based on the number of simulators. In a SafeBreach deployment, breach simulators perform the role of the attacker and play war games within an organization’s actual infrastructure and security solutions—without impacting network performance or exposing assets. The SafeBreach orchestrator manages the network of breach simulators and serves as the central management point from which attack scenarios are executed and analyzed for success, and from which patterns can be tracked over time.

For a free assessment of enterprise security risks, please register at www.safebreach.com.



Funded by Sequoia Capital and Shlomo Kramer, SafeBreach is a pioneer in the emerging category of breach validation. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture for total and continuous security assessment, validation and reporting. SafeBreach automatically executes breach methods with an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.



Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/2/2020
Ripple20 Threatens Increasingly Connected Medical Devices
Kelly Sheridan, Staff Editor, Dark Reading,  6/30/2020
DDoS Attacks Jump 542% from Q4 2019 to Q1 2020
Dark Reading Staff 6/30/2020
Register for Dark Reading Newsletters
White Papers
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-07-02
Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels. If a userconnects to a malicious or compromised RDP server, a series ofspecially-crafted PDUs could result in memory corruption, possiblyallowing arbitrary code to be executed...
PUBLISHED: 2020-07-02
A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM & Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attack...
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
PUBLISHED: 2020-07-02
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.