AttackIQ Flex

AttackIQ Flex is on-demand, agentless test-as-a-service. It enables organizations to quickly emulate adversary behavior through a simplified user experience, delivering detailed security control performance metrics and mitigations in minutes.

Sign-Up for Flex Redeem Flex Credits Read the Solution Brief
Testing for Everyone

Pay as you go, flexible consumption democratizes testing by unlocking security validation for organizations where it was previously impractical.

Fastest Time to Visibility

Through agentless testing, organizations deploy Flex and get answers to their security validation questions in a matter of minutes instead of weeks.

Simplified Testing

A cornerstone of AttackIQ Flex, the self-contained test packages streamline design and execution and reduce the complexity associated with validating security controls.

Enhanced Visibility

The self-contained test packages enable organizations to conduct rapid tests on any network, regardless of whether they don’t manage them or aren’t internet connected.

AttackIQ Flex Offering

AttackIQ Flex provides an economical means of validating security controls without the need for expensive and time-consuming manual testing. With a pay as you go consumption model, you can test as little or as much as you want and across elements of your business.

Threat Emulations

Comprehensive adversary emulations run as self-contained test packages, validating controls against emerging threats.

Security Control Baseline

Security Control Baseline. Tests the efficacy of EDR, AV and content filtering security controls.

CISA Alert and Threat Descriptions

The AttackIQ Adversary Research Team produces attack graphs within 48 hours of CISA alerts and responds to emerging threats so you can validate your controls against real-world actors.

Reporting

 Security Baseline Adversary Emulation
CISO executive summary with recommended courses of action for improving security posture
Attack graphs with detailed adversary intelligence
Your test performance score and global comparisons
Detailed prevention results by stage and technique
Detailed MITRE ATT&CK and AttackIQ specific mitigations
Attack methodology and emulation details, steps executed

AttackIQ Flex

AttackIQ Flex is your first step towards security optimization.

Contact us today and unlock the flexible package needed to validate your defenses, emulate real-world attacks, and validate your security controls through our unique pay as you go, test as-a-service.

By submitting this form you indicate that you have read and agree to the terms of our Privacy Policy.

Common Questions

What is Flex?
Flex is an agentless breach and attack simulation tool, which we refer to as “test as a service.” It utilizes the AttackIQ platform and employs self-contained test packages to automate security testing without the need for any configuration or agents.
How is it different from Ready or Enterprise?
Flex is a lightweight implementation of the AttackIQ breach and attack simulation platform. Where Enterprise allows for more customization, Flex contains fully packaged scenarios. Click, run and done.
Does it use malware?
AttackIQ utilizes live malware samples that are saved and written to the local file system without execution. Using a hash comparison, Flex determines which samples were successfully planted on the endpoint. At the conclusion of the test, all staged files are promptly removed as part of the cleanup process.
How do I get credits?
Credits are provided for free in limited supply and will be available for purchase soon.
Will new adversary emulations be added?
We’re always adding new tests and regularly provide curated content, including new adversary emulations as new attacker campaigns emerge.
What type of content is available on AttackIQ Flex?
There are two types of packages currently available. Adversary campaign tests and baseline tests. Baseline tests assess the efficacy of your core security controls while adversary emulations test your ability to withstand TTPs of known attacker campaigns.
Is all of the AttackIQ Enterprise content available on AttackIQ Flex?
No. Flex contains a smaller subset of content than enterprise.
What reports are available on AttackIQ Flex?
Flex automatically generates a comprehensive report once the testing output is uploaded to the Flex portal. Specific report content varies depending on the report that is run.
Can I generate custom reports in AttackIQ Flex?
The lightweight implementation of Flex means users can only run the packages available in the menu. Customers may wish to pick and choose multiple tests to run together.
How can I upload a Flex test package to a remote endpoint?
Users can download a Flex test package and upload and execute on the endpoint of any supported OS.
Can I run AttackIQ Flex on any OS?
Only Windows OS is currently supported with additional support coming soon.
What are the primary AttackIQ Flex use cases?

There are innumberable uses cases for Flex. Below are some initial examples.

  • Zero trust. Perform regular testing to validate the security of critical assets.
  • SMB. Organizations with small network and security stacks, limited in house resources want to include security testing as part of security program
  • Red team augmentation. Automate the scripting and execution of attack scenarios and penetration tests, allowing red teams to comprehensively test security controls, identify vulnerabilities, and provide mitigations
  • Purple teaming augmentation. Design and execute attack scenarios against defenders with immediate feedback into people, process, and technology efficacy
  • Regular self-managed security validation. Basic security validation and breach and attack simulation
  • Fully managed security validation program. Conduct regular security validation but doesn’t have the staff to support in house testing
  • Security posture assessment. Use Flex to validate security controls by scaling as many test points as you need for a representative sample of your environment.
  • Managed service provider. Insurance provider or underwriter wants insuree to run a risk assessment on their network to determine coverage.
  • Network consolidation, including M&A activity. Acquirer or parent organization wants to quickly bring on new branch networks into the corporate umbrella. Deploying agents takes too long for the request.

Additional Resources

IDC Study: The Business Value of AttacklQ
The Business Value of the AttackIQ Security Optimization Platform

Learn how with the use of AttackIQ organizations can test and validate their overall IT security posture to proactively identify and remediate gaps.
US Cyber-Defense Agency Urges Companies to Automate Threat Testing

The US government’s cyber defense agency is recommending that companies embrace automated continuous testing.
AIQ Insights Graphic
Adversary Research

Stay up to date on our adversary research blog, adversary behavior studies, and demos. Sign up for AIQ Insights and we’ll deliver them straight to your inbox so you stay informed.