Webinar Recap
In this webinar, Simon Howe, AttackIQ Regional Director (APAC & Japan) and Brett Callaughan (AttackIQ Technical Director of APJ & EMEA) unveil the functions of AttackIQ Flex (On-Demand) and AttackIQ Ready! (As-a-Service).
Overview
AttackIQ Flex (On-Demand)
AttackIQ Flex is on-demand, agentless test as a service. It enables organizations to quickly emulate adversary behavior through a simplified user experience, delivering detailed security control performance metrics and mitigations in minutes.
AttackIQ Flex leverages AttackIQ’s advanced adversary emulation software that fully emulates cyberattacks, replicating the tactics, techniques, and procedures employed by real-world adversaries and their campaigns. With Flex, organizations of all kinds can harden their defenses ensuring that they can interdict the attacker before they can achieve their objectives.
It provides an economical means of validating security controls without the need for expensive and time-consuming manual testing. With a pay as you go model, you can test as little or as much as you want, across disparate elements of your business.
AttackIQ Ready! (As-a-Service)
AttackIQ Ready! is a fully managed security control validation service.
Aligned to MITRE ATT&CK, AttackIQ Ready! leverages years of advanced content and actionable reporting to improve your security posture.
AttackIQ Ready! testing will help you identify performance gaps in your security program performance, but the benefit extends far beyond technology. Testing data and a focus on MITRE ATT&CK gives your team a single picture of your overall security program performance and moves you towards a purple team operational construct, decreasing burnout, improving time to remediation in the event of an incident, and elevating team effectiveness.
An adaptive, flexible solution
AttackIQ Flex empowers organizations to rapidly test their security controls on-demand. It revolutionizes the breach and attack simulation market by offering testing as a service, removing the obstacles of price, complexity, and time constraints that have kept organizations from comprehensive testing in the past.
Fastest Time to Visibility
Through agentless testing,
organizations deploy Flex and get
answers to their security validation
questions in a matter of minutes
instead of weeks. This accelerated
process allows for swift decisionmaking
and proactive measures to
improve effectiveness.
A Simplified Testing Experience
A cornerstone of AttackIQ Flex,
the self-contained test packages
streamline design and execution and
reduce the complexity associated
with validating security controls.
Enhanced Visibility
The self-contained test packages
enable organizations to conduct
rapid tests on any network,
regardless of whether they don’t
manage them or aren’t
internet connected.
What Results You Can Expect?
AttackIQ Ready! tests 7 distinct security controls in the context of MITRE ATT&CK and provides comprehensive data about how well your security performs against the threat. Because it is a managed service, the AttackIQ team will do all the work for you. Here is some of what you can expect.
Easy and Immediate Use
From day one, AttackIQ Ready! provides an easy to use
and immediate baseline understanding of your security
coverage as well as continuous visibility into your
security posture.
Weekly & Monthly Reporting
Weekly and monthly reports about your security controls’
performance, including against specific adversaries
curated by the AttackIQ Adversary Research Team
(APT29, FIN6, etc.).
Monthly Adversary Curation
Every month, the AttackIQ Adversary Research Team
introduces a new set of adversarial campaigns to test your
security controls against that specific adversary.
Continuous Automated Testing
The AttackIQ Ready! team conducts weekly tests of your
security controls using MITRE ATT&CK-aligned assessments
drawn from the full AttackIQ research library.
Actionable Remediation Guidance
The service generates tailored, easy-to-use remediation
guidance so that you can close gaps and address issues
quickly to improve performance.
Detection Engineering Option
After six months, AttackIQ Ready! introduces the option
of detection testing for companies that have a security
operations center or a SIEM structured to respond to
alerts and attacks.
In-App Threat Analysis
Gain immediate in-app analysis about emerging and
advanced threats and how to prepare your defenses to
withstand attacks.
No Hidden Fees
The AttackIQ Ready! team will run assessments against
your controls at scale, in production, aligned to MITRE
ATT&CK comprehensively using the platform
SPEAKERS
Simon Howe
AttackIQ
Regional Director (APAC & Japan)
Simon is responsible for building and managing relationships with organisations in Asia Pacific & Japan (APJ) for AttackIQ. A respected industry expert in the APJ region with over 25 years of sales and management experience Simon collaborates with the cyber security community to inform and uplift cyber security programs and capability. Prior to AttackIQ, Simon was a senior executive at LogRhythm where he served as Vice President of Sales for Asia Pacific. Simon has also held senior sales and leadership roles at Symantec, Commvault and Acronis. Originally from the UK, Simon has lived in Sydney since 1998.
Brett Callaughan
AttackIQ
Technical Director of APJ & EMEA
Brett Callaughan was appointed Technical Director of EMEA & APJ for AttackIQ in late 2020. Prior to this Brett was a Senior Systems Engineer for AttackIQ.
Based in Sydney, Brett is responsible for enabling the company’s partners and customers across Asia Pacific to fully leverage the AttackIQ Platform to ensure customers environments are known to be secure and not assumed to be through Breach and Attack Simulation assessments. In addition to this ensuring that they stay that way over time with the ever-evolving security program and threat landscape through Continuous Security Validation.
Brett has more than 20 years’ experience in the IT Security industry and was previously Systems Engineering Manager at Malwarebytes (APAC) and Pre-Sales Engineer at Palo Alto Networks for more than five years. During this time, he helped enterprise customers and MSSP’s dramatically improve their security posture and provided insight into the global and local threat landscape to help solve the ongoing security problems being faced.