Cymulate, the industry standard for SaaS-based Continuous Security Validation platform leveraging the MITRE ATT&CK® framework end-to-end, announced today the launch of Cymulate Cyclone, a customizable, template-driven platform that enables security service providers to craft, automate and deliver purple teaming exercises to help their enterprise customers actively protect their networks.
“The increase in the severity, scale and range of attacks over the last year has prompted a need to build better, proactive capabilities. Purple teaming is an effective methodology to improve these capabilities and optimizes the threat detection technologies that support them.
Security service providers are seeing growing demand for purple team exercises but are challenged to scale due to the cyber-skills shortage,” said Eyal Wachsman, Co-founder and CEO of Cymulate. “Our Cyclone platform is a prime value-added offering with its ability to capture and automate purple teaming expertise.”
Unlike traditional automated pen-testing solutions that only offer the adversary perspective, Cymulate Cyclone integrates security controls to also provide the defender’s findings and correlates them with attacker actions. The platform’s rich repository of attack resources and scenarios provides immediate value that enables optimization of the company’s security posture.
Cyclone’s accessibility and ease of use upskills more junior security penetration testing teams, boosting productivity in over-stretched departments by automating repetitive efforts. This empowers expert pen-testers to craft complex and/or unique purple team exercises and scenarios. These can be automated and reused, freeing personnel to focus on value creation and more demanding tasks.
Also Read: Time to Move Towards Frictionless Security
Cymulate Cyclone optimizes SOC detection, hones threat hunting skills and improves incident response processes, offering an additional revenue-generating service for security service providers. Scaling existing pen-testing expertise, Cyclone purple teaming auto-correlates blue team detections to red team adversarial tactics, providing remediation and detection guidance and Sigma rules for SIEM optimization.
Following Cymulate’s core platform offering and reporting, the attack scenarios are aligned to the MITRE ATT&CK framework and results can be exported to the ATT&CK navigator.
Key features include:
- Automatic purple teaming: Crafting and launching automatic attack scenarios and correlating security-control findings to validate effectiveness.
- Scale expertise: Creates reusable and modifiable template-based assessments and automatic routine and base-line assessments.
- Rich repository of resources: Creates interactive attacks sessions and includes out-of-the-box assessment templates, executions, payloads, tools, and Sigma rules for immediate value creation.
- Efficiency: Auto-correlates security control findings to attacks, and automatically generates reports mapped to MITRE ATT©CK
Cymulate’s SaaS-based platform runs simulations of the latest threats in the wild and tests an organization’s security defenses and controls across the entire kill chain of attack vectors and APT attack scenarios, highlighting security gaps and providing mitigation procedures to optimize the security posture.