Monday , September 28 2020

New “red team as a service” platform aims to automate hacking tests for company networks, Ars Technica

    

      Rock ’em Sock’ em Red Team Robots –

             

Automated reconnaissance and attacks in security’s name, without boutique red team.

      

      

CSA Images via Getty Images

Red teaming, the practice of actively researching and exploiting vulnerabilities in systems to help find and fix gaps in their security, has long been the realm of high-paid security consulting firms with hands-on-keyboard (and occasionally, with full penetration testing, hands-on-lockpick engagements, and not something most companies can afford to do regularly. Large organizations and software firms with a business imperative to keep their systems secure have specified internal red teams, but smaller organizations that need red teams for things like getting credit card compliance certification or checking the security of other financial systems often rely on hit-and -run engagements with outside specialists.

There have been other efforts to streamline and automate components of red teaming to make it a more regular part of companies’ security programs. For example, Scythe , a firm that spun out of the security research company Grimm , has focused on providing attack simulation as a service — allowing a company to test the mettle of its “blue team” defenders and users by running modular “attacks” that mimic the techniques of known threat groups, while creating a marketplace for security testing modules. And other companies, such as Pwnie Express , have used passive and “offensive” security tools to scan and audit networks for potential attack vectors.

Randori takes the red-teaming mission several steps further. Instead of running simulations of attacks based on known threats, Randori Attack runs real, novel attacks based on emerging vulnerabilities — much like a human red team would. Founded by CEO Brian Hazzard (formerly of Carbon Black) and CTO David “Moose” Wolpoff (a reverse-engineering and red-teaming veteran of the specialist security firm Kyrus Tech), Randori’s “flagship” service is the Attack Platform — a cloud- based system that, when combined with Randori’s Internet-based reconnaissance system, will constantly discover and attempt to exploit a customer company system, playing the role of what Hazzard describes as “trusted adversary.”

(Enlarge

(Read More)

About admin

Check Also

Kogito – Cloud-based business automation platform, hacker news

1 You need an IDE like IntelliJ IDEA, Eclipse or VSCode. Eclipse is preferred with the BPMN modeler plugin. 2 You need JDK 8 to 11 with JAVA_HOME system property set correctly.Optionally, get GraalVM 19.1.1+ for native compilation with the GRAALVM_HOME system property set correctly and 'native-image' installed (using 'gu install native-image'). This guide covers…

Leave a Reply

Your email address will not be published. Required fields are marked *