SANTA CLARA, Calif.AttackIQ, the leading independent vendor of breach and attack simulation (BAS) solutions, today announced the approval of the AttackIQ Security Optimization Platform by the U.S. General Services Administration (GSA) and its availability for purchase via Four Inc.’s GSA Federal Schedule. AttackIQ federal customers can now take advantage of streamlined procurement processes and access to a trusted and authorized vendor, enabling them to enhance their cyberdefenses more efficiently and effectively.

The AttackIQ Security Optimization Platform runs adversary emulations aligned to the MITRE ATT&CK framework of adversary tactics, techniques, and procedures, testing security programs and generating real-time performance data about how well cyberdefense teams and technologies perform against the adversary. Armed with clear performance metrics, government agencies can identify misconfigurations in their defenses, find gaps in security coverage, and focus their teams on ensuring that their defenses perform effectively against the threats that matter most.

“We are excited to make AttackIQ available on the GSA Schedule, providing our customers and partners streamlined access to innovative breach and attack simulation solutions,” said Chris Wilkinson, EVP of Platform Sales at Four Inc. “This collaboration strengthens our ability to offer our customers and partners comprehensive, cybersecurity solutions providing visibility into security control performance, clarity about known threats, and point-in-time data to improve decision making.”

A top cybersecurity challenge that government agencies face today is obtaining quality, timely and accurate risk data; however, there is an emerging regulatory movement that emphasizes outcomes-based effectiveness. The new National Cybersecurity Strategy underscores the importance of regulations being “performance-based,” with a focus on evaluating security effectiveness against the tactics, techniques, and procedures employed by adversaries. In September 2022, the Cybersecurity and Infrastructure Security Agency (CISA) began recommending organizations conduct automated testing using MITRE ATT&CK to validate the performance of their cyber defenses. And in October 2022, the Department of Defense (DoD) published its first Zero Trust Strategy, establishing a framework for secure access and continuous monitoring across government networks and systems.

“Our collaboration with Four Inc. allows us to support the government on a larger scale and contribute to the specific initiatives the federal agencies need. AttackIQ’s expertise combined with Four Inc.’s distribution capabilities and access to specific contract vehicles will help government agencies achieve a higher level of security assurance,” said Jonathan Reiber, VP of Cybersecurity Strategy and Policy at AttackIQ. “AttackIQ empowers government agencies to test and validate their security controls in a continuous and automated fashion and with real-time performance data. With the data we provide, security leaders can make smarter decisions regarding their strategy, workforce management, compliance, and investments. By making this solution accessible through GSA, AttackIQ can better deliver cybersecurity solutions to federal clients in a timely and cost-effective manner.”

AttackIQ is deployed in over a dozen U.S. government agencies and organizations, including three of the six U.S. military branches of service; customers in the legislative branch, intelligence community, defense agencies; and numerous executive branch civilian agencies. AttackIQ is the only vendor that enables teams to test artificial intelligence and machine learning cyberdefense technologies at scale and in production against multiple threats concurrently. AttackIQ is also 100% vendor-neutral, eliminating potential conflicts of interest with any tools in a customer’s control stack.

About AttackIQ

AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. A proud member of the Microsoft Intelligent Security Association (MISA), the Company is committed to giving back to the cybersecurity community through its free award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity’s Center for Threat-Informed Defense. For more information, visit Follow AttackIQ on Twitter, Facebook, LinkedIn, and YouTube.