Special Focus Demos
Cloud Security Done Right: AttackIQ’s Game Plan
Organizations have moved rapidly to the cloud without a real strategy for ensuring security effectiveness. Misconfigured cloud security controls are a common cause of security breaches, but they are difficult to detect without proper validation and monitoring, leaving companies in the blind. The AttackIQ Cloud Security Optimization solution can guide you through the complete process of validating Azure Cloud security controls, all the way from initial setup to the automatic generation of reports—making it a seamless process, even if you have no prior Cloud testing expertise.
AttackIQ Flex: Boost Your Security for Free
Imagine testing your cybersecurity defenses effortlessly and at absolutely no cost. Introducing, AttackIQ Flex. AttackIQ Flex makes security testing accessible to organizations of all sizes, offering a risk-free way to practice and fortify your cybersecurity posture. With a hassle-free, agentless setup, there are no complex installations or IT expertise required. Plus, it’s completely free forever, allowing you to enhance your security without worrying about expenses.
Test Your Defenses Against Russian FSB “Turla” Malware
Join us as we demo our AttackIQ Flex test package designed to combat the Turla-Russian intelligence malware campaign. Turla, alias Snake, has been a persistent threat, orchestrated by Russia’s Center 16 of the Federal Security Service (FSB), targeting global victims since 2003. This custom malware implant has infiltrated more than 50 countries, including various U.S. sectors, from education to government. Fortify your defenses against Turla with AttackIQ Flex – the ultimate cybersecurity solution. Don’t wait, take action against cyber threats today!
AttackIQ Ready! + Flex: Testing for everyone.
Join us for a demo of AttackIQ Ready! + Flex where we will discuss key features of these products, including how it automates the process of running emulations how it tests misconfigurations, and how it generates reports. We will show how AttackIQ Ready! + Flex can emulate real-world attacks, including advanced persistent threats, ransomware, and other malware, and discuss how our team of experts manages the entire process of running emulations for you, freeing up resources to focus on other critical security tasks. Lastly, we will show you how AttackIQ Ready! + Flex generate weekly reports that provide a detailed analysis of your security posture, including security gaps and areas for performance improvement. Don’t miss out on this opportunity to see the power of AttackIQ Ready! + Flex in action.
Emulating the Iranian Nation State Threat Group APT35
Nation-state adversaries are often well-funded, resourced, and motivated to conduct ongoing campaigns. The Iranian APT35 threat group is a subgroup associated with the Islamic Revolutionary Guard Corps (IRGC), an intelligence arm of Iran’s military. Due to their ongoing activities that target multiple industries in Europe, the Middle East, and North America, defenders should emulate the adversary to get ahead of the threat. Join our demo with the AttackIQ Adversary Research Team to gain a briefing on APT35 and a full demonstration of how to emulate common APT35 tactics, techniques, and procedures using attack graphs in the AttackIQ Security Optimization Platform.
BAS-as-a-Service? It’s True!
Join us for a demo of our newly released product, AttackIQ Ready! – a fully managed breach and attack simulation service that provides continuous validation of your security controls. We’ll discuss the key features of AttackIQ Ready!, including how it automates the entire process of running simulations, from configuring the environment to generating reports. Additionally, we’ll demonstrate how AttackIQ Ready! can simulate real-world attacks, including advanced persistent threats, ransomware, and other malware and discuss how our team of experts manages the entire process of running emulations for you, freeing up your resources to focus on other critical security tasks. Lastly, we’ll show how AttackIQ Ready! generates weekly, monthly, and insurance-focused reports that provide a detailed analysis of your environment’s security posture, including security gaps and areas for improving your performance. Don’t miss out on this opportunity to see the power of AttackIQ Ready! in action.
Measuring Security Control Effectiveness with Attack Graph Stages
AttackIQ is thrilled to announce that we have upgraded our attack graphs to evaluate your security control performance at each stage of an attack. Our customers now have the ability to analyze their security performance against an actor’s initial access and compare them against persistence techniques employed internally by the attacker. Join our demo with the AttackIQ Adversary Research Team to explore the exciting possibilities of this new functionality and how you can use it with existing assessments and create your own custom attack graphs, tailored to emulate your most pressing threats.
Operationalizing MITRE ATT&CK with AttackIQ Ready! and Enterprise
Take your threat detection and response capabilities to the next level by operationalizing MITRE ATT&CK with AttackIQ Ready! and AttackIQ Enterprise. Join us in a demo and learn how AttackIQ’s services and platforms can help you automate the MITRE ATT&CK framework to enhance your security readiness. You will discover how AttackIQ Ready! runs automated adversary emulations based on ATT&CK techniques to provide you with continuous security control validation. Then we will dive into AttackIQ Enterprise, our co-managed breach and attack simulation service for larger enterprises, where AttackIQ serves as your co-pilot in designing and executing a threat-informed defense strategy at scale and in production.
Strengthening Your Cyberdefenses
Unveiling the Power of AttackIQ and LogRhythm SIEM Integration
Are you tired of feeling like your organization is constantly under threat from cyberattacks? Do you worry about a breach’s impact on your business operations, reputation, and bottom line? You’re not alone. The threat of cyberattacks is more prevalent than ever, and organizations of all sizes and industries are at risk. This demo will showcase how the AttackIQ Security Optimization Platform integrates with the LogRhythm SIEM to provide comprehensive threat detection and response capabilities. Join us to learn how our joint solution can help you proactively identify security gaps and emulate attacks to evaluate your security posture and see how this data feeds into your LogRhythm SIEM for advanced analysis and response using multiple data sources.
JupyterHub: Your Gateway to Data Adventures
JupyterHub is an open-source, multi-user platform that enables data scientists and machine learning engineers to collaborate and work together seamlessly. With JupyterHub, you can create and manage multiple Jupyter notebooks for different projects and teams, all in one place. It’s a powerful tool for teams working on data science projects, machine learning models, and more. In this demo, we will showcase the key features of JupyterHub and how it can benefit your team’s productivity and collaboration. We will walk you through the process of setting up and using JupyterHub, from creating new user accounts to launching new Jupyter notebooks. We’ll also demonstrate how JupyterHub can be customized to meet the unique needs of your team and organization. Join our demo to learn how you can get started with JupyterHub today.
AttackIQ Enterprise: Co-Managed Breach and Attack Simulation 101
Get ready to take your cybersecurity to the next level with AttackIQ Enterprise! Our co-managed Breach and Attack Simulation platform is the ultimate weapon against cyberthreats, helping businesses to proactively identify and address vulnerabilities in their network and applications. With AttackIQ Enterprise, you can simulate real-world attacks, collaborate with our experts, and fine-tune your defenses to ensure maximum protection against sophisticated threats. Customers have saved themselves millions of dollars using AttackIQ Enterprise and our novel co-managed consulting model. Join us and unleash the full potential of your cybersecurity strategy.
Harnessing Chaos with Multi-Test Point Attack Graphs
Are you concerned about the security of your complex systems? Look no further than Multi-Test Point Attack Graph (MTAG), the cutting-edge tool designed to help security professionals evaluate and improve the security of their systems. With MTAG, you can define multiple test points and visualize all possible attack paths, allowing you to identify critical vulnerabilities and prioritize your mitigation efforts. This powerful tool also allows you to simulate attacks on the system and test different scenarios to develop more effective strategies for protection. Don’t miss this opportunity to stay one step ahead of attackers and ensure the security and resilience of your systems. Join us for a thrilling demo of MTAG and see for yourself the power of this innovative security tool.
Jupyter Notebooks 101: Getting Started
Over the last year AttackIQ worked with our customers to develop a dynamic reporting and analysis capability in the AttackIQ Security Optimization Platform around Jupyter notebooks to analyze, visualize, report, and study security program performance. Teams can use AttackIQ’s open API with dozens of Jupyter Notebooks to automate emulation-related tasks and generate charts and graphs to help your board, C-suite, and operations teams make decisions and move forward more effectively and efficiently. Join this demo to learn how customers can make the most of AttackIQ’s Jupyter notebooks – with a focus on C-suite and board reporting.
Combating Chinese Threat Actors with Advanced Attack Graphs
The AttackIQ Platform is designed to protect your network against cyberattacks, including those from Chinese threat actors. Our platform can use advanced attack graph modeling to visualize the different pathways attackers could take to infiltrate your network and compromise sensitive data. In this demo, we will showcase how our attack graphs can help you simulate a wide range of attacks and threat scenarios, including those originating from Chinese threat actors. By using these advanced attack graphs, you will be able to identify potential vulnerabilities and take proactive measures to mitigate them before any real damage occurs.
Batton Down the Hatches Against Emotet with Attack Graphs
Emotet continues to be used in wide broad-based attacks against victims in all sectors across the world. In response, AttackIQ has released two new attack graphs emulating recent Emotet campaigns that resulted in data exfiltration and ransomware extortion. These attack graphs will help you to validate security controls, understand incident response processes, and support the improvement of your security posture against an actor who uses both native system tools and their own bespoke malware. Join us to learn how your team can use data generated from continuous testing and the use of attack graphs to achieve key security outcomes, adjust your security controls, and work to elevate your total security program effectiveness against a known and dangerous threat.
How to Level Up Your Threat Intel with Attack Flows
Describing adversary behavior using the ATT&CK knowledge base is a cornerstone of the threat-informed defense paradigm. Techniques rarely occur in isolation, and instead, the attacker typically uses each technique to pave the way for others as they pursue their ultimate objectives. Tap into the ways you can expand your knowledge surrounding threat intelligence by utilizing Attack Flows—the basis for attack graphs within the AttackIQ platform. In this demo, the AttackIQ Adversary Research Team will show you how Attack Flows model these sequences of ATT&CK techniques to make threat intelligence more powerful and visual.
Improving Cybersecurity Readiness with AttackIQ Attack Graphs for US-CERT Alerts
The U.S. government has improved its alert process for emerging cyberthreats to the United States and its allies and partners around the world—with the U.S. Computer Emergency Response Team (US-CERT) alert system and the MITRE ATT&CK framework at the center. In response to a new threat, US-CERT uses MITRE ATT&CK to describe observed adversarial tactics, techniques, and procedures (TTPs), and following a US-CERT alert, AttackIQ produces comprehensive attack graphs to emulate the attacker with specificity and realism, aligned to the TTPs in the alert. In this demo, join us to explore how AttackIQ produces attack graphs, and learn how attack graphs can help optimize your cybersecurity readiness and effectiveness.
Cyberinsurance: Necessity or Nice-to-Have?
In an age of increasing cybersecurity risk and ransomware cases, cyberinsurance has become more and more important to businesses. However, as premiums continue to rise, policy holders have been forced to decide whether this costly safety net is truly worth it. This decision does not have to be binary. Instead, organizations can take proactive measures to demonstrate their security program’s effectiveness to underwriters and lower their premiums as a result. Join this demo to learn how the AttackIQ platform can help to improve your security control effectiveness and save you hundreds of thousands of dollars in return.
Emulating Infamous Cybercrime Malware
Given the diversity and complexity that currently exists in the eCrime environment, a problem that continues to arise is: “How can we emulate a large set of adversaries in an effective and opportune manner.” For this reason, AttackIQ has decided to start a chapter of emulations that focuses on those pieces of malware that act as essential commodities for the infection chains of dozens of adversaries. In this demo, join the AttackIQ Adversary Research Team (ART) to explore the in-depth research and resulting emulations of multiple long-standing malware families used and abused by multiple threats around the world.
Using AttackIQ to Test Lateral Movement Techniques
Lateral movement is a critical tactic in an adversary’s kill chain with techniques that leverage common tools. Validating defenses by emulating these techniques as actors employing them to gain deeper access into a network, is part of a threat-Informed defense. Join this demo to learn about using the AttackIQ Security Optimization Platform to validate security controls with lateral movement techniques.
Cuba Ransomware Attack Graph
On December 1st, 2022, the FBI and CISA released a joint cybersecurity advisory that expands their #StopRansomware efforts to help organizations protect themselves against Ransomware attacks. In response, AttackIQ released a new attack graph emulating a Cuba ransomware attack to help you validate security controls, evaluate security and incident response processes, and support the improvement of your security control posture against an actor who uses both native system tools and their own bespoke malware. Join us to learn how your team can use data generated from continuous testing and the use of this attack graph to achieve key security outcomes, adjust your security controls, and work to elevate your total security program effectiveness against a known and dangerous threat.
North Korean Cybersecurity Alert
As a result of recent cybersecurity advisories based on North Korean malicious Cyber Activity released by the Cybersecurity & Infrastructure Security Agency (CISA) in conjunction with the Federal Bureau of Investigation (FBI) and U.S. Department of the Treasury on April 18 and July 6, 2022, AttackIQ has conducted in-depth research on the adversary known as Lazarus Group and its two subgroups, the financially motivated adversary, BlueNoroff, and the politically motivated adversary, Andariel. In this demo, join the AttackIQ Adversary Research Team (ART) to explore the in-depth research that has led to the creation of 14 new attack graphs, which can help optimize your cybersecurity readiness and effectiveness against these highly sophisticated threats.
Security Control Validation in the U.S. Department of Defense
Curious about how to ensure your security controls are operating properly? AttackIQ cybersecurity specialists will show you how to leverage the AttackIQ Security Optimization Platform to run threat emulations. We will focus in particular on known threat actors, behaviors, and initiatives that impact the U.S. Department of Defense. Tune in to discover how to think like the adversary and test your defensive technologies continuously.
Cloud Security with MITRE ATT&CK
The advent of cloud technologies has changed everything about how networks are built and operated. Infrastructure, policy, and configuration can can all now exist as code. Cloud technologies can be deployed quickly, updates and integrations can occur automatically, and services can scale rapidly across geographies. The cloud era demands new approaches to security. Join this demo to learn about new cloud security features in the Security Optimization Platform and how you can maximize your security program effectiveness with AttackIQ and MITRE ATT&CK.
How to Validate Your Controls Against Text4Shell
What is the correct way to validate your controls against a Text4Shell or similar library vulnerability? You need an adjustable, open systems testing platform to test the specific aspects of your implementation to accurately assess if your security controls are correctly configured to stop attacks that leverage it. Join Ken Towne from AttackIQ’s Adversary Research Team (ART) to learn how you can leverage AttackIQ’s open system testing platform to validate your controls against the recent Text4Shell or similar vulnerability.