Tracking Image
October 24, 2017

AttackIQ Announces the First Commercial Continuous Security Validation Platform Built on the MITRE ATT&CK Matrix

Category: Press Releases

 

Enterprises can Rapidly Test Security Stacks to Detect and Block against Adversary Techniques, Tactics and Procedures

 

SAN DIEGO, CA--(Marketwired - Oct 24, 2017) - AttackIQ™, a leader in the emerging market of continuous security validation, today announced the general availability of its new FireDrill™ platform supporting the MITRE ATT&CK Matrix, a curated knowledge base and model for cyber adversary behavior useful for planning security improvements and verifying defenses work as expected. The first-of-its-kind platform will enable CISOs to more effectively validate security controls and reduce risk by taking an offensive approach to cyber defense. This will give teams a deeper understanding of a potential intrusion chain of events, through attack simulation and the ability to proactively defend against known TTPs.

"AttackIQ's implementation of the MITRE ATT&CK Matrix into the FireDrill continuous security validation platform is encouraging," said Frank Duff, lead for MITRE's Leveraging External Transformational Solutions in Cybersecurity at the MITRE Corporation. "Commercial and Federal government entities alike can gain significant insight into organizational security postures, products and processes by assessing themselves against the known threat. Describing this threat via the ATT&CK Matrix enables a common way of communicating their organization's security, as well as identifying potential weaknesses to enable improvement."

Key Benefits of the Continuous Security Validation Platform built on the MITRE ATT&CK Matrix:

  • Automate time-consuming manual processes
  • Extend the coverage and depth of validation efforts
  • Gain deeper understanding of vulnerabilities and risk
  • Understand the impact of threats to your organization
  • Better protect against potential threats
  • Free up red teams' time to focus on critical priorities

AttackIQ, known for its Offensive Defense strategy, pledges that security teams will find protection failures before the adversary by augmenting red teams with their patented attack simulation platform. This approach gives red teams the ability to provide augmentation to test more; blue teams a continuous security control validation tool to locate problems before attackers do; and incident response teams the ability to exercise "at will" to evaluate performance or identify process gaps. Furthermore, this plan of action gives CISOs constant insight into the effectiveness of the company's security controls and posture.

"AttackIQ and the MITRE ATT&CK framework provides us with a unique insight into our security controls and maturity," said Stuart McIntosh, Security Analyst, Fortune 500 Financial Services Provider. 

"Our newest version of the AttackIQ platform is dedicated to operationalizing the MITRE ATT&CK Matrix. This will allow our customers to rapidly and continuously validate their security controls and processes against MITRE's thought leading security attack framework," said Stephan Chenette, CEO and co-founder of AttackIQ.

The continuous security validation platform built on the MITRE ATT&CK Matrix is available, visit www.attackiq.com for more information, or to attend a webinar on the topic, visit https://goo.gl/1UbHeV.

 

For more information on AttackIQ and the FireDrill platform, please visit www.attackiq.com. Follow AttackIQ on TwitterFacebookLinkedIn, and Vimeo.

About the Author

Carl Wright, is a seasoned entrepreneur and executive with experience in the security, storage, virtualization, and software sectors.