All Articles

Continuous Automated Red Teaming at RSAC 365 Innovation Showcase

Posted by Allan Gray on April 5, 2021 at 10:34pm

RSAC 365 Innovation Showcase discusses Continuous  Automated Red Teaming.  RSA Conference is a premier series of global events for the cybersecurity community known for offering expert insights into the industry. RSAC 365 Innovation Showcase highlights path-breaking innovation in the cybersecurity space.

The panelists, Maria Lewis Kussmaul (Co-Founder AGC), Greg Dracon (Partner, 406 venture), Eric Davis (Partner, AGC Partners), and Sam Curry (Cyber Security Officer, Cyber Reason) engaged with Bikash Barai, (Co-Founder, FireCompass) in a top-level discussion on how our Continuous Virtual Red Teaming can help organizations.

Here are some short interesting snippets from the discussion:

Maria Kussmaul, Co-Founder, AGC Partners: Attack surface management is especially important in the current work from home environment. Since most businesses are moving to the cloud and with cybersecurity space getting more diverse, the attack surface is increasing. This is why there is a need for automation in red teaming. With the threats scaling up offensive attack simulation mixed with vulnerability scanning is a must.

Greg Dracon, Partner, 406 Ventures: The mindset is shifting from just defending to finding out which way the attacker may go to and which target one needs to defend more staunchly.

Sam Curry, Cyber Security Officer, Cyber Reason: Red Teaming is best done when it is done regularly and over time it’s aimed towards improving a security program. 

FireCompass CART looks like an enterprise and mature company product and service. This actually “democratizes” CART and ASM. 

Eric Davis, Partner, AGC Partners : Attack Surface monitoring and automated red teaming are proving to be two categories that are laying the foundation for cyber hygiene. It gives the organization the knowledge of “what to protect?” and “Whom to protect it from?” 

 

The Process Of Continuous Automated Red Teaming 

8789832457?profile=original

Maria Lewis Kussmaul talks about the process of CART, mentioning that the increase in attack surface has also raised the number of vulnerabilities significantly. Organizations are looking at automated red teaming to combat the same, they do not look at things like a point in time pentesting. They want to continue testing comprehensively, hence there is a focus on highly scalable attack surface identification and modeling. Automated red teaming achieves this mandate by merging vulnerability scanning and attack simulation. 

 

Q&A with Bikash:

 

Eric Davis: We historically have seen pen testing as more of an episodic, compliance-driven use case. As you’ve evolved FireCompass’s solution beyond pen testing to incorporate continuous automated red teaming, have you seen the use case similarly evolve to be more security-centric, or is compliance still driving the purchasing decision? Related to that, what budget dollar are you targeting within potential customers?

Bikash: Earlier people were driven by compliance procedures to make security decisions, but that is changing today because of how informed security folks are! People are conscious about their security posture and are noticing that their peers are getting compromised, which is leading them to make conscious buying decisions. So, one can say that security today is more of a conscious issue rather than a compliance issue.

When it comes to the budget, with automation, we can help our customers to save significantly. We have been able to save 80% of their cost when they moved from their traditional model. An organization that has never done anything in security till now, has finally started to pull out some budget.

Sam Curry: This looks like an enterprise and mature company product and service. Correct me if I am wrong there and this actually “democratizes” CART and ASM. For your customers, do you have the means to help them improve based on your output, or do you depend on a mature security program to consume the output and improve?

Bikash: What we have noticed is that whether it is a small company or a large enterprise – the problem is the same. Not many people want to improve upon a product; everyone needs something that they can consume right away, and as easily as possible. Nobody wants to see findings; they want to see actionable items.

Greg Dracon: It sounds as though you’ve built an end-to-end solution covering from basics (shadow IT) to nation-state attack risks, which is a lot. 

 

>>[Free Report] – Get the Hacker’s View Of Your Attack Surface

 

 

 

 

 

 

Views: 191
E-mail me when people leave their comments –
Follow

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)