SafeBreach’s platform enables Deloitte clients to run thousands of attacks against their IT infrastructure to identify risks and enhance the effectiveness and value of their security controls.
SUNNYVALE, Calif., May 18, 2021 -- SafeBreach, provider of the leading continuous security validation platform in large and global-scale enterprises to validate security controls, today announced a new strategic alliance with Deloitte, a leader in security consulting services. To enhance its adversarial simulation services, Deloitte clients will be able to leverage SafeBreach’s automated Breach and Attack Simulation (BAS) capabilities via its platform. With SafeBreach technology, Deloitte clients will be able to enhance data-driven insights to help understand potential weaknesses, increase security control effectiveness, and prioritize remediation activities aimed to reduce the attack surface and ultimately improve security posture.
The number and complexity of cyber threats grow constantly, making maintaining a strong security posture with manual assessments or even semi-automated penetration testing a challenge. At the same time, regulations pertaining to organizations’ cyber and data protection capabilities are evolving and proliferating. To more effectively integrate, orchestrate, and utilize their existing security controls, many security operations teams are turning to tech enablers, such as SafeBreach’s BAS.
Unlike “point-in-time” cyber security assessments, SafeBreach enables continuous security control validation in production environments to provide an ongoing and accurate assessment of which tactics, techniques, and procedures (TTPs) pose the greatest risk to an organization. Further, SafeBreach will provide Deloitte clients’ security operations teams and DevSecOps practitioners with custom, automated, and continuous BAS services and remediation guidance to help improve security posture. With step-by-step remediation instructions and an array of technology integrations – including vulnerability management, threat intelligence platforms, Security Information and Event Management (SIEM) platforms, Security Orchestration, Automation and Response (SOAR) platforms and Endpoint Detection and Response (EDR) platforms – SafeBreach BAS can complement and act as a force multiplier for labor-intensive, costly, and manual testing efforts such as penetration testing and red-blue teaming.
“Shifting from a point-in-time, compliance-based cyber approach to continuous monitoring of program effectiveness enables organizations and their security teams to enhance situational awareness of potential weaknesses and prioritize remediation actions that can help reduce risk,” says Andrew Rafla, Deloitte Risk & Financial Advisory’s Zero Trust leader and a principal in Cyber and Strategic Risk, Deloitte & Touche LLP. “Through our strategic relationship, SafeBreach will join Deloitte’s portfolio of alliances that facilitate our delivery of tech-enabled, outcome-driven solutions that can help enhance our clients’ abilities to detect and respond to cyber risks.”
“For businesses, guarding their IT systems and reducing risks has become a top priority in the C-Suite. With this alliance, we can provide a powerful combination of advanced, continuous security validation to understand complex cyber risk with the vast human intelligence and experience that Deloitte brings to the table. Combined, we hope to help quantify and improve security posture for organizations in any sector,” says Guy Bejerano, CEO and Co-Founder of SafeBreach.
SafeBreach’s continuous security validation platform — including its Hacker’s PlaybookTM collection of breach and attack methods, as well as near-real-time prioritization and remediation intelligence for BAS testing — is immediately available to Deloitte clients via multiple engagement models.
As used in this document, “Deloitte” means Deloitte & Touche LLP, a subsidiary of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of our legal structure. Certain services may not be available to attest clients under the rules and regulations of public accounting.
SafeBreach is the world’s most widely used continuous security validation platform in large and global scale enterprises. The patented SafeBreach platform empowers CISOs and their teams to validate security controls, maximize their effectiveness, and drive down risk. SafeBreach provides a "hacker’s view" of an enterprise’s security posture by continuously validating security controls. The platform presents findings in customized dashboards, enabling stakeholders to focus on the biggest risks to the organization. SafeBreach automatically and safely executes thousands of attack methods to validate network, endpoint, cloud, container and email security controls against its Hacker’s Playbook™, the world’s largest collection of attack data broken down by methods, tactics and threat actors. Data from SafeBreach validations can improve SOC team responses and empower management teams to make smarter decisions to better manage risk and invest resources. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital Partners, OCV Partners, DNX Ventures, Hewlett Packard Pathfinder, PayPal and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow us on LinkedIn.