Original Post from SC Magazine
Author: Doug Olenick
Price: $40,000-$500,000 based on company size and number of attack vectors.
What it does: Cymulate divides the attack surface into seven attack vectors and runs hundreds of thousands of customizable simulations on the entire kill chain to test an organization’s security posture and controls.
What we liked: The focus on lateral simulations and the Lateral Movement module that shows how far an attacker could maneuver.
Cymulate divides the
attack surface into seven distinct attack vectors, downloading and leveraging
lightweight agents for each to conduct hundreds of thousands of customizable
simulations that safely mimic the behavior of cyberattacks to test an
organization’s security posture and controls across the entire kill chain.
Following testing, analysts receive playbooks with step-by-step remediation
guidance to help facilitate the mitigation process.
The product provides
assessments and tests for each of the three stages of the attack surface:
pre-exploitation, exploitation and post-exploitation. Organizations can
configure simulations to run daily, weekly, monthly or at predefined times and
days, after which the tool automatically emails results, which can also be
viewed via the dashboard.
This is a template-based
platform with full kill chain simulations that emulate the seven vectors of
attack: lateral movement, phishing awareness, email gateway, data exfiltration,
endpoint security, web application firewall and web gateway. The value of these
simulations lies in the inherent ability to leverage Cymulate for detection to
verify whether specific alerts are triggered by specific APT techniques. That
ensures current security configurations are detecting when an attack gets
Cymulate performs several
lateral movement simulations and even has a lateral movement module that shows
how far an attacker could maneuver inside of an endpoint in addition to how
well an infrastructure is configured.
The phishing element of
this platform identifies which users are most likely to fall for a phishing
attempt. Although the phishing simulation for users doesn’t provide any
education, it is still an effective means of testing and providing insights.
The immediate threat
dashboard uses intelligence that has been built into the platform to show any
existing vulnerabilities that would be susceptible to new threats.
Organizations can validate security controls by leveraging the intelligence in
the platform to make simulations more creative, adding a human level of
sophistication to test them the way an actual attacker would.
The tool displays the
results of simulations in a variety of views and reports.
A performance graph shows
each step of each simulation with color-coded outcomes. Red means the attack
was executed completely, orange means the attack was partially halted and green
says the attack was completely detected and blocked. Although the information
here is useful, we found the layout to be busy.
A benchmark graph takes
the results data from the simulations and provides a comparative view of an
organization against other, anonymous Cymulate clients in the same industry.
Other PDF-exportable reporting
options include executive summaries, lateral movement graphs and full technical
This fully customizable
solution provides organizations with create-your-own template functionality and
out-of-the-box options. This is an especially worthy breach and attack
simulation tool for anyone that wants to hone in on lateral movement
simulations and needs a BAS tool that integrates with risk management solutions
and scanners to supplement report data.
Starting price is $40,000;
however, company size and the number of attack vectors impacts price. Phone,
email, website support, a knowledgebase and FAQs are available 24/7 and come
standard with purchase.
Tested by Tom Weil
The post Cymulate Breach and Attack Simulation Platform 3.30.16 appeared first on SC Media.
Go to Source
Author: Doug Olenick