Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization
Adversary Emulation
AttackIQ Informed Defense Architecture (AIDA)
What is AttackIQ’s Informed Defense Architecture?
To validate cybersecurity effectiveness against real-world threats, organizations need a platform that can emulate the adversary with specificity and realism at every step in the cyberattack process. This is no small feat. On the basis of cutting-edge research, AttackIQ’s platform architecture helps customers validate their program effectiveness against real-world adversary behaviors.
In an industry first, AttackIQ’s Informed Defense Architecture (AIDA) is the only adversary emulation architecture built to test artificial intelligence (AI) and machine learning- (ML) based cyberdefense technologies in production, while emulating comprehensive, multi-stage attacks. The result is that customers can better test their people, processes, and defensive technologies against advanced persistent threats.
Key Components of the AttackIQ Informed Defense Architecture
Hosted Agent
The AttackIQ Hosted Agent makes it easy to deploy the Security Optimization Platform, streamlining the customer experience by providing a managed, external source and target, and making it easy to emulate advanced adversary behaviors.
Anatomic Engine
The Anatomic Engine makes it easy for operators of all skill levels to create complex adversary attack graphs (or attack flows) that are purpose built for emulating attacker patterns. Enumerating complete kill-chain sequences in this manner provides high-level efficacy when testing modern ML and AI based security controls.
Boundary Posture Management
AttackIQ’s Boundary Posture Management (BPM) module addresses the challenges of security control failure by continuously evaluating your boundary security, generating analytic data about your performance and identifying gaps between your assumed effectiveness and your actual posture.
Additional Resources
Webinar
Purple Teaming in the Cloud with ATT&CK
Organizations have moved rapidly to the cloud without a commensurate strategy for securing it. On the basis of innovative research from MITRE Engenuity’s Center for Threat-Informed Defense, cybersecurity teams can now leverage the ATT&CK framework against security controls within Azure to optimize cloud security effectiveness.
Webinar
