Cymulate, the industry pioneer in SaaS-based Continuous Security Validation (CSV) announced the next generation Extended Security Posture Management (XPSM) platform leveraging its native, Offensive Security technology and capabilities to widely support customers security and business needs.
The combination of these new capabilities follows several product launches over the last six months and provides end-to-end validation of an organization's cyber security posture.
XSPM incorporates four fundamental pillars tied together with analytics to provide meaningful security posture insights: Attack Surface Management, Continuous Automated Red Teaming, and Breach and Attack Simulation alongside an Advanced Purple Teaming framework.
Attack Surface Management (ASM)
ASM tools scan domains, sub-domains, IPs, ports, and other assets for internet-facing vulnerabilities
Helping organizations understand how hackers might get an initial foothold, ASM tools scan domains, sub-domains, IPs, ports, and other assets for internet-facing vulnerabilities. These functions alongside Open-Source Intelligence (OSINT), which could be used in a social engineering attack or a phishing campaign.
Combined with Vulnerability Prioritiation Technology (VPT), these capabilities empower security teams to efficiently prioritize vulnerabilities and mitigation steps, ensuring a shorter time to remediation.
Continuous Automated Red Teaming (CART)
Moving beyond reconnaissance to answering: "how can an adversary breach my defences?" CART tools attempt to penetrate the organization by analyzing the exposed vulnerabilities and autonomously deploying attack campaigns that penetrate the network.
After gaining the initial foothold, an attack subsequently propagates within the network in search of critical information or assets, for example by triggering a well-crafted phishing email.
BAS and Advanced Purple Teaming
BAS tools launch simulated attack scenarios out of the box, correlate findings to security controls (email and web gateways, WAF, endpoint, etc.), and provides mitigation guidance. These tools are primarily used by blue teams to perform security control optimization.
Advanced Purple Teaming Framework expands BAS into the creation of advanced and custom attack scenariosAdvanced Purple Teaming Framework expands BAS into the creation and automation of advanced and custom attack scenarios. These tools easily follow the MITRE ATT&CK framework to model a threat actor, enabling security practitioners to create complex scenarios from predefined resources to custom binaries and executions.
Customized scenarios can be used to exercise incident response playbooks, proactive threat hunting, and automate security assurance procedures and health checks.
Cymulate’s XSPM platform
"With the threat landscape evolving at such a rapid pace, Cymulate's SaaS-based Extended Security Posture Management (XSPM) is better suited to cater to customers' needs," said Eyal Wachsman, CEO, and Co-founder of Cymulate.
"We're now continuing our vision to help organizations stay in control of their security posture while minimizing resources, as well as allowing security professionals and leaders to know and control their cybersecurity posture in a dynamic environment."
The XSPM platform provides out-of-the-box, expert, and threat intelligence-led risk assessments that are simple to deploy and use for all maturity levels, and constantly updated. Deployable within minutes, Cymulate enables security professionals to continuously challenge, validate and optimize their cybersecurity posture end-to-end, across the MITRE ATT&CK framework.
Discover how AI, biometrics, and analytics are transforming casino security
- Network / IP
- Biometrics
- Industrial security
- Private sector security
- Public sector security
- Security management
- Security installation
- Security tagging
- Security monitoring system
- Security training
- Industrial security systems
- Network cameras
- Security software
- Cyber security
- Corporate Security
- Data Security
- Cloud security
