Attack simulation and "red teaming as a service" have become a hot area of development over the past few years as companies continue to seek ways to better train their network defenders and find problems before attackers do. Randori, a company pulling together red-teaming skills and security software experience, today is launching a new platform that attempts to capture the expertise of a high-budget security testing team as a cloud-based service—giving chief information security officers a way to continuously take the pulse of their companies' defenses.
Red teaming, the practice of actively researching and exploiting vulnerabilities in systems to help find and fix gaps in their security, has long been the realm of high-paid security consulting firms with hands-on-keyboard (and occasionally, with full penetration testing, hands-on-lockpick) engagements, and not something most companies can afford to do regularly. Large organizations and software firms with a business imperative to keep their systems secure have typically maintained internal red teams, but smaller organizations that need red teams for things like getting credit card compliance certification or checking the security of other financial systems often rely on hit-and-run engagements with outside specialists.
There have been other efforts to streamline and automate components of red teaming to make it a more regular part of companies' security programs. For example, Scythe, a firm that spun out of the security research company Grimm, has focused on providing attack simulation as a service—allowing a company to test the mettle of its "blue team" defenders and users by running modular "attacks" that mimic the techniques of known threat groups, while creating a marketplace for security testing modules. And other companies, such as Pwnie Express, have used passive and "offensive" security tools to scan and audit networks for potential attack vectors.
No comments:
Post a Comment