AttackIQ, a Breach and Attack Simulation (BAS) solutions provider, has unveiled AttackIQ Ready! This is a fully managed breach and attack simulation service that makes use of years of advanced content and actionable reporting to improve the security posture and performance of organizations. AttackIQ Ready! has been designed to simplify the execution of a continuous security validation program, showing results in real-time and orchestrating faster remediation. The service is automated and available to everyone who wants it.
Without real data, security teams lack clarity about their capabilities and performance, and they cannot confidently operate against the adversary. Security controls only stop the adversary 39% of the time in the real world due to misconfigurations and security control degradation. To solve this problem, AttackIQ Ready! provides clear reporting and analysis so that security leaders know how well their controls perform against the adversary. The service provides weekly reports, monthly executive-focused reports, and insurance-focused reports that can be used to communicate to the executive team, the board, insurance companies, and regulators alike.
AttackIQ Ready! offers easy and immediate use from day one, providing an easy-to-use and immediate baseline understanding of the security coverage, as well as continuous visibility into the security posture. It helps identify gaps and issues surrounding overall cybersecurity hygiene. The service provides weekly and monthly reports about security controls' performance, including against specific adversaries curated by the AttackIQ Adversary Research Team. Every month, the team introduces a new set of adversarial campaigns to test security controls against a specific adversary. The AttackIQ Ready! team conducts weekly tests of security controls using MITRE ATT&CK-aligned assessments drawn from the full AttackIQ research library. The service also generates tailored, easy-to-use remediation guidance, so companies can close gaps and address issues quickly to improve performance.
AttackIQ Ready! introduces the option of detection testing for companies that have a security operations center or a SIEM structured to respond to alerts and attacks. The service provides in-app threat intelligence and analysis, giving immediate in-app analysis about emerging and advanced threats and how to prepare defenses to withstand attacks.
AttackIQ Ready! is not limited to security operations centers; all that is required are existing security controls to validate, either through cloud services like AWS or Azure or security providers. One security leader at a premier biosciences company recently used the AttackIQ platform to prove to an insurance company that his security controls were performing as intended and negotiate a peg to his insurance premium, saving his organization hundreds of thousands of dollars in fees.
AttackIQ has helped companies from the Fortune 10 to Global 2000 elevate their security effectiveness, including JetBlue, Bupa, and the Department of Defense. This service will help companies hone security analyst and security operations team performance, find redundancies in security controls, validate security controls for insurers, decrease the impact of breaches, and much more. AttackIQ Ready! will help an even broader range of customers to achieve these results.
Carl Wright, Chief Commercial Officer at AttackIQ, said: “We know that automated testing provides a path to better security and business outcomes. With this announcement, we are making AttackIQ's advanced testing capabilities available to a much broader section of the market. Many organizations lack the resources to operationalize the MITRE ATT&CK framework or conduct red team assessments of their cyberdefenses. We are very excited to release AttackIQ Ready! to help teams of all sizes maximize return on investment and improve operational readiness. You can’t manage what you can't measure, and we look forward to helping organizations measure their defenses against the adversary.”