April 6, 2021
Our mission is to equip cybersecurity teams with the best predictive vulnerability prioritization platform and allow them to quickly identify and reduce more cybersecurity risk every day. To that end, we’re proud to announce the release of DeepSurface 2.0!
April 4, 2021
Erlang is a popular general-purpose programming language and runtime environment, with support for concurrency commonly found on many distributed systems. When distributed on Windows machines, the Erlang emulator can also be run as a service with the erlsrv.exe command. This seems to be commonly used with popular software, such as CouchDB.
March 23, 2021
AttackIQ’s new architecture upgrade makes it possible for customers to emulate comprehensive, multi-stage adversary cyberattack campaigns with realism and specificity, at every step in the kill chain. Check it out.
March 17, 2021
AttackIQ has added Atomic Red Team to our assessment library, bolstering our testing capabilities to further improve our customers’ security effectiveness.
February 23, 2021
After SolarWinds, organizations need visibility into their security program effectiveness against real world threats. Automated adversary emulations can help meet that need. By generating real data about how your security program performs against menuPass, you can see security failures, make data-informed adjustments, and plan smart investments to optimize your security. Check out the new emulation plan from MITRE Engenuity’s Center for Threat-Informed Defense and AttackIQ.
February 16, 2021
Adversaries love to hide malware in images, a tactic called data obfuscation. To help you solve this problem, at AttackIQ we have built scenarios to test your defensive capabilities’ ability to detect and prevent image-based malware. Read on to learn how it works – and how you can obfuscate data on your own to test your defenses.
February 8, 2021
AttackIQ’s Security Optimization Platform gives an agency a proactive—rather than a reactive—security posture. It enables continuous validation of security controls to definitively establish the effectiveness of key initiatives, to include zero-trust controls that prevent adversaries from moving laterally across a network, as in the case of SolarWinds.
December 23, 2020
Defensive technologies can provide meaningful capabilities to isolate the adversary from compromised systems as defenders and threat hunters inspect their networks, preventing further reconnaissance and lateral movement, but only if their effectiveness is tested and validated.
December 15, 2020
The alignment of NIST 800-53 and MITRE ATT&CK creates a unique opportunity for red, blue, and white teams to understand each other—and how they can work together to build a fully compliant and mature cybersecurity program.
November 12, 2020
Simple and important steps to make your cybersecurity program more efficient and effective.
October 5, 2020
Last week, the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) issued an alert to critical infrastructure owners and operators across the United States to be vigilant for potential Chinese cyberspace operations given heightened tensions between the two countries. What does the CISA alert recommend, and why is it important to follow it?
September 23, 2020
Cybersecurity does not exist in a vacuum and current socio-economic pressures make the United States more vulnerable to cyberattacks of all kinds. With the U.S. presidential election underway, Americans need to take practical steps to defend our democratic processes, online and off. This essay outlines some of the issues facing the United States in advance of the election, shares insights from AttackIQ’s recent podcast with leaders of Harvard’s Defending Digital Democracy project, and offers specific steps to manage the cybersecurity challenges of this moment.
August 19, 2020
Ransomware is on the rise, particularly against city government and hospitals. In advance of the 2020 U.S. presidential election, how does the AttackIQ Security Optimization Platform help businesses to defend themselves?
August 3, 2020
If you know AttackIQ, you probably know us as the leading independent vendor of Breach & Attack Simulation systems. We build the best security control validation solution available. So how is it that I say our business is not security testing?