AttackIQ, a leading player in breach and attack simulation (BAS) solutions, has announced the release of Flex 2.0, an advanced agentless BAS platform designed to enhance organizations' ability to assess and improve their security posture on demand. As a founding research partner of the MITRE Engenuity Center for Threat-Informed Defense (CTID), AttackIQ continues to push the boundaries of cybersecurity testing with this latest offering.
Key Features of Flex 2.0
1. Insights Dashboard:Flex 2.0 introduces a new Insights Dashboard, providing a comprehensive overview of security performance. This tool includes Test Performance Scoring and Performance by MITRE Tactic, offering a simplified yet detailed analysis of an organization's security measures. These features are designed to facilitate continuous improvement in security protocols.
2. Compliance Test Packages:To address regulatory requirements, Flex 2.0 includes specialized test packages:
DORA Test Package: Aligned with the Digital Operational Resilience Act (DORA), these packages help financial institutions assess their cybersecurity posture against DORA standards. Available in Basic and Advanced versions, these packages cater to various testing needs.
NIST CSF Test Package: Based on the NIST Cybersecurity Framework (CSF) 2.0, these packages offer a structured approach to evaluating security within the "Protect" function. Like the DORA packages, they come in Basic and Advanced versions to accommodate different levels of testing rigor.
3. Expanded Testing Capabilities:Flex 2.0 broadens its testing capabilities to include new assessments that target emerging threats and commonly used adversary tactics, techniques, and procedures. This includes enhanced baselines for critical controls such as network security, next-generation firewalls, and endpoint detection and response systems.
Carl Wright, Chief Commercial Officer of AttackIQ, emphasized the importance of the new features: "Many organizations struggle to keep pace with evolving threats due to the challenges of security control testing, leaving them vulnerable to attack. Flex 2.0 addresses this challenge by providing on-demand, actionable insights. Our new Insights Dashboard empowers security teams to improve their overall security performance, while our expanding compliance test packages help organizations mitigate risk and avoid costly penalties."
Advanced Adversary Emulation
Leveraging the MITRE ATT&CK framework, Flex 2.0 offers advanced adversary emulation, allowing organizations to rigorously test their security controls against real-world threat scenarios. The platform provides comprehensive adversary campaign testing, detailed performance metrics, and actionable recommendations, all delivered through a user-friendly interface.
Accessibility and Flexibility
One of the standout features of Flex 2.0 is its accessibility. The platform offers a flexible, pay-as-you-go model, making it an attractive option for organizations of all sizes. Its easy deployment process ensures that even companies with limited resources can benefit from state-of-the-art security testing.
AttackIQ's release of Flex 2.0 marks a significant step forward in the BAS space, providing organizations with the tools they need to stay ahead of cyber threats in an increasingly complex digital landscape.