AttackIQ automates the evaluation of Microsoft Defender ATP against the tactic categories as outlined by MITRE ATT&CK
SAN DIEGO, Aug. 22, 2019 – AttackIQ™, a leader in the continuous security validation market to help organizations achieve cyber resiliency, today announced the integration of its award-winning AttackIQ Platform with Microsoft Defender Advanced Threat Protection (ATP) to help joint customers and prospects validate the configuration and security coverage provided by the most widely deployed operating system in the world. In addition to the integration, AttackIQ is helping to validate Microsoft Defender ATP in Microsoft’s pre-sales engagements on account of AttackIQ’s differentiated open platform, easy to use interface, and alignment with MITRE, a nonprofit organization who has established a standard knowledge base of adversary tactics and techniques in its ATT&CK Framework.
Security teams can now use AttackIQ to run production emulation attack scenarios to validate that Microsoft Defender ATP is configured properly to detect and prevent malicious post-breach activity in an automated and continuous way. Validating security controls has been notoriously problematic for organizations, given the complexity of configuration options. AttackIQ and Microsoft have developed an effective and quick test that allows you to validate your Microsoft Defender ATP deployment in a matter of minutes.
“AttackIQ and Microsoft address key concerns in deploying any security technology: is it configured properly, and is it catching the latest known threats? Until now, it was mostly a game of guesswork to determine what could actually be detected and prevented. With the robust integration we’ve built with Microsoft, security teams can gain immediate visibility into current and ongoing status of their Microsoft Defender Advanced Threat Protection (ATP) configuration to quickly remediate any gaps that might exist,” said Chief Commercial Officer at AttackIQ, Carl Wright.
Organizations that meet the minimum requirements for Microsoft Defender ATP can install AttackIQ’s lightweight sensors in their environment and, with a click of a button, run and schedule on-demand assessments covering threat actors such as APT3 and APT29, in addition to standard endpoint detection and response (EDR) attacks. All results show up in the dashboard and templatized reports in an easy-to-digest format for CISOs to SOC analysts.
“Microsoft has been working with partners around the world through the Microsoft Intelligent Security Association (MISA) program to deliver innovative integrations that enhance enterprise security,” said Moti Gindi, General Manager, Windows Cyber Defense, Microsoft Corp. “The integration of AttackIQ Platform with Microsoft Defender Advanced Threat Protection (ATP) helps the security teams of our mutual customers to validate and optimize the effectiveness of Microsoft Defender ATP detection, investigation and response capabilities in their network.”
For a detailed description of how the AttackIQ platform integrates with Microsoft Defender ATP, read the solution brief HERE.
AttackIQ, a leader in the emerging market of continuous security validation, built the industry’s first platform that enables red and blue teams to test and measure the effectiveness of their security controls and staff. With an open platform, AttackIQ supports the MITRE ATT&CK framework, a curated knowledge base and model for cyber adversary behavior used for planning security improvements and verifying defenses work as expected. AttackIQ’s platform is trusted by leading companies around the world. For more information visit www.attackiq.com. Follow AttackIQ on Twitter, Facebook, LinkedIn, Vimeo, and YouTube.