SC Magazine First Look on SafeBreach
In case you missed it, last month SC Magazine profiled SafeBreach in their First Look feature. The “First Look” article/column, which replaced stand-alone reviews in 2012, selects new, innovative, unusual products to review.
Here's what Peter Stephenson, the technology editor, wrote:
"If you like really innovative – and useful – cyber defense tools, you will love SafeBreach. We read the background information on this one and, frankly, our first question to the company was: “How is this not just a fancy penetration testing tool?” As it turned out, the answer came very quickly; in fact, within moments of turning the tool on. And the answer? The two types of tools don't even play in the same ball park."
This is probably a good opportunity to clarify why we're not a penetration testing tool or a vulnerability assessment solution.
Penetration testing is typically focused on external attacks. Testing involves identifying vulnerabilities and exploiting them to determine what kind of access an attacker can gain. Most ethical hackers or penetration testers are told where to focus, and success depends on their skill sets.
Vulnerability assessment solutions deliver a list of vulnerabilities to be patched. But without proper context on which systems need to be patched and why, patching can seem like an overwhelming game of catch-up. A recent article from The Register highlighted the results of a series of vulnerability scans across 100 companies by an information assurance company. The scans found 900,000 security-related red flags, and a false positive rate of 89 per cent in some industries. In addition, even if you drop everything and focus only on patching, history has shown that a completely patched system does not equate to a completely secure system, just as a network that is compliant with regulatory mandates does not equate to one that is resilient against attacks.
Our platform, in contrast, finds all possible ways an organization may be breached in a continuous, automated fashion. This means that instead of relying just on vulnerabilities, we actually play the hacker and simulate a variety of hacker breach methods -- from exploits and malware to brute force methods. Our platform provides the ability to track remediation progress and can simulate both internal and external attacks. Guidance on mitigating breach scenarios is provided, and initiation of these continuously running validations can be integrated with change control systems.
We are like your very own "automated red team", validating actual breach scenarios. The goal is to quantify your impact from a breach, provide valuable insights about the efficacy of security controls, and test the readiness of your teams in dealing with a cyberattack.
If you missed the article, you can catch it here.