SafeBreach GRID helps identify, prioritize and mitigate enterprise security gaps revealed by breach simulation

SafeBreach Inc announced availability of SafeBreach GRID- Global Risk Director, its breach and attack simulation application that uses correlative analytics to identify security gaps and link them to their potential business impact. 

Existing solutions like vulnerability management, pen testing and basic breach and attack simulation, can find single point security gaps, but fail to take a system wide, multi-stage “Hacker’s view” of attacks that automatically attempts all available attack paths and then identifies all potential attacker kill chains. Moreover, no other systems today can rank security gaps discovered by their potential business impact if exploited.

SafeBreach GRID provides the data required for mitigation by correlating data from many complex, multi-stage simulations that run continuously to produce a posture impact score for each security gap found. Second, GRID ranks exploitable security gaps by potential business impact in a single recommendation matrix. This helps security teams prioritize which gaps to address, and provides precise recommendations on how to improve security product configurations to minimize the potential business impact of a breach. GRID also includes a set of risk indicators to help teams track and report on their progress. 

The SafeBreach GRID works with the SafeBreach Platform and includes easy to understand risk indicators to help quantify business risk; analysis of multiple simulation results to provide prioritization of remediation activities; and detailed guidance on security configuration changes based on potential business impacts. Its integration via the SafeBreach platform with a wide range of security tools to automatically gather and enrich SafeBreach’s analysis of enterprise network and endpoint security gaps for an organization.

The SafeBreach platform provides continuous, automated testing of an organizations’ security architecture using advanced, patented simulation technology. SafeBreach attack simulations are exact reproductions of an attackers’ tactics and techniques, but pose no risk to the organizations’ operations or assets. Attacks are executed between simulator instances deployed both within and outside of the organizations’ network providing broad coverage and fully testing the entire security ecosystem deployed by an organization.

“SafeBreach GRID correlates security gaps discovered during attack simulations with the value of potentially affected assets, automatically calculating the potential business impact of a misconfiguration. It helps my team prioritize which actions to take to maximize protection, and how to minimize the potential damage we might face if our systems were breached,” said Yaron Levi, CISO, Blue Cross and Blue Shield, Kansas City. 

Prioritizing the response of a security team is one of the most critical needs. 

According to Gartner, “Even when organizations are aware of gaps in the security posture, they don’t know where to start, especially in the case of a recent acquisition, in which the new environment might be completely unknown.” Gartner goes on to state, “Although it may sound overly dramatic, there is a veritable epidemic of misconfigured, disconnected, turned off, and non-optimized security tools all over the organization. There is also a possibility that an attacker that compromises a system and breaches an organization will disconnect the controls or interfere with their operation. Many recent breaches involved information security controls that have failed to pick up evidence of the attacker’s activity, as well as controls that were disabled by an attacker or an IT team.”

“Breach and Attack Simulation products can easily find security configurations that are incomplete or wrong, but until now this has only produced a confusing kitchen sink of remediations that were not clearly correlated to risk or priority,” said Yotam Ben Ezra, VP Products at SafeBreach. “We built GRID because our customers asked us to help their security teams increase efficiency by identifying and addressing the most impactful issues first, based on rigorous analysis of their assets, the current threat landscape, and discovered misconfigurations or security gaps in their network, systems or endpoints. We give them the actionable guidance they need in order to update their configuration and secure their enterprise.”

SafeBreach announced in May that it has joined the Microsoft Intelligent Security Association, a collaborative initiative to help organizations defend against increasingly sophisticated, fast moving threats worldwide. The collaboration between SafeBreach and Microsoft will enable customers to safely simulate cyber-attacks to validate their security controls are working as expected. This will enhance the efficacy of their endpoint security and create a higher level of confidence in their overall security program. 

The integration of SafeBreach and Microsoft Defender Advanced Threat Protection (ATP), a unified endpoint protection platform, will enable both enterprise and cloud customers to measure their security posture, configure their policies to meet their needs, continuously validate their Microsoft Defender ATP deployments, and respond to threats faster and more efficiently.

IoT Innovator Newsletter

Get the latest updates and industry news in your inbox! Enter your email address and name below to be the first to know.