Cymulate, a leader in cybersecurity risk validation and exposure management, and the 2022 Platinum ‘ASTORS’ Homeland Security Award Winner for Best Breach & Attack Simulation (BAS) Platform in their Cymulate Extended Security Posture Management Platform, is proud to announce the expansion of its Attack Surface Management (ASM) solution to close gaps between traditional vulnerability management and ASM.
With this newly expanded ASM solution, organizations will now have advanced capabilities to easily visualize risky exposures across hybrid environments.
Cymulate achieves this by extending its coverage to include more attack surface discovery and added misconfiguration detection, cloud-specific analysis, and vulnerability discovery.
Previously, only for external attack surface management, these new enhancements will analyze Active Directory, Azure, GCP, and AWS Cloud footprints for misconfigurations and remediable security concerns.
“Customers will immediately benefit from seeing gaps in their public-facing infrastructure and through attack path mapping to see how an attacker can traverse the network from on-premises to cloud and cloud to on-premises,” explains Cymulate’s CTO and Co-founder Avihai Ben-Yossef.
“This will significantly aid organizations in assessing how at risk their organization’s assets are.”
Vulnerability scanners are designed to identify, classify, prioritize, and remediate vulnerabilities that could be exploited, primarily from within the environment.
Conversely, attack surface management has mainly focused on discovering vulnerabilities from an external perspective. This Cymulate ASM solution now closes the visibility gap needed to understand if an exposure has a viable attack path if security controls detect and alert effectively and validate that remediations achieve the desired risk mitigation.
This brings exposure management to a new level that is more continuous and efficient for classifying and prioritizing the remediation of vulnerabilities.
Cymulate’s ASM solution expansion provides four new tool capabilities: Active Directory Misconfiguration Scanning, Cloud Misconfiguration Scanning, Vulnerability Scanning, and Unified Attack Path Mapping and Analysis (UAPMA).
This provides more information than just what needs to be patched and the ability to leverage information from more sources to determine the priority of each remediation action.
The Unified Attack Path Mapping and Analysis (UAPMA) Will:
-
Support attack pathing and security validation across networks, Clouds, and identity systems, including Active Directory services.
-
Deliver a significantly more complete and detailed picture of viable attack paths and techniques that can be discovered when compared to performing such scanning operations only in one infrastructure or the other.
-
Factor in that interconnections, trusts, permissions, and other variables can change the path of an attacker in unexpected ways.
-
Provide the ability to clearly identify and see attack paths (displayed as graphs and detailed information), which delivers a quicker way to identify and close gaps without disrupting business operations.
When paired with Cymulate’s Breach and Attack Simulation (BAS) technology, security teams can also validate whether controls in the attack path successfully detect and alert on threat activity; and where remediation is required, knowing where that remediation is required can best be performed to reduce any business disruptions.
This combination of Cyumlate’s ASM with BAS further refines which vulnerabilities to prioritize and at what level of urgency.
(Learn how Microsoft Intelligent Security Association (MISA) partner Cymulate integrates with Microsoft Defender for Endpoint, formally known as Microsoft Defender ATP. Cymulate is an end-to-end SaaS-based breach and attack simulation platform used to continuously validate security controls across the full attack kill chain. Courtesy of Microsoft and YouTube.)
The driving factors for these enhancements center on the growing use of cloud computing, remote workforce, and third-party services, which are expanding organizations’ attack surface and creating numerous challenges in identifying and tracking assets across on-premises, hybrid, and cloud infrastructure; and in managing and securing all exposed assets.
Additionally, the inability to evaluate the risk posed by each asset and the proliferation of unmonitored assets such as legacy infrastructure and shadow IT add to the complexity of controlling networks, compounding risk, especially when scaling operations.
HOW ASM WORKS
Currently, Cymulate ASM uses a branching-scan methodology to discover visible security concerns and gaps across the public-facing infrastructure. Starting with one or more “primary assets” (usually web domains), ASM discovers additional assets, which include:
-
Web Domains and Sub-Domains affiliated with/linked to the primary asset
-
Email domains
-
Corporate Identities (company names, product names, etc.)
-
Frameworks and Applications
For each of these assets discovered, two operations occur.
-
First, the scan continues, using the newly discovered assets as a new starting point. This is the “branching” part of the branching-scan methodology.
-
Second, for each asset found, a series of probing and sub-scanning techniques (which are non-disruptive) are used to determine the following:
-
-
Are the assets defended by a Web App Firewall and/or other security controls?
-
Do the applications, frameworks, libraries, etc. appear to be up- to-date, or outdated?
-
Are email and web domains/sub-domains using the correct security configuration for the specific asset type discovered (e.g. DKIM, DMARC, SPF for email or DNSSEC for web domains, etc.)?
-
Do email addresses and other identity components appear in clear-web and dark-web data caches (such as credential dumps and
breach notification systems)?
-
Does data that can be correlated to the organization exist on non-company websites and data platforms (such as unrelated
commercial websites or in dark-web caches)?
-
Are domains similar to discovered email domains registered (indicating possible phishing attack preparation)?
-
And many other probes and non-disruptive tests to identify potential and/or actual security gaps visible to the outside world.
In addition, to limit the scope and avoid extraneous data, an organization may mark a discovered asset as Irrelevant (such as a domain linked to
the company website but not owned by the company).
Cymulate ASM will also natively use logic systems to avoid scanning and probing any asset that does not appear directly related to the organization running the scan.
The ASM expansion using the four new tools noted above (Active Directory Misconfiguration Scanning, Cloud Misconfiguration Scanning, Vulnerability Scanning, and Unified Attack Path Mapping and Analysis (UAPMA)).
AD Misconfiguration Scanning examines one or more Active Directory Domains to identify:
-
Users and Groups
-
Workstation, Server, and other Compute Objects
-
Key Attributes of Discovered Objects
Once assets are identified, the system uses a series of scanning and non-disruptive probes to determine if misconfigurations exist that can create/already represent gaps in organizational security.
This includes (but is not limited to):
-
Delegation issues (such as unconstrained delegation)
-
Known misconfigurations in Group Policy Objects (such as Edit permissions assigned to inappropriate accounts)
-
Defaults left unaltered and active
-
Issues with Kerberos and other native controls and restrictions
-
Overprivileged accounts (such non-administrative users allowed to initiate Domain synchronization)
-
Lack of common security configurations (such as LAPS not being enabled)
-
Issues with trusts between Domains
-
Many other configuration and security gap identification methods
Such scanning and discovery operations can also be performed against Cloud infrastructure as effectively as they can be run against on-premises infrastructure, allowing for full analysis of Active Directory Domain operations in hybrid environments.
The second area of Cymulate’s ASM expansion centers on discovering and identifying misconfigurations and security gaps in Cloud Platforms. Initially, support for Amazon Web Services (AWS), Microsoft Azure, and Google Cloud (GCP).
These operations include, but are not limited to:
-
Identification of Cloud Assets (services, instances, etc.)
-
Discovery of misconfigurations in administrative structures (for services, storage, identity components, and other structures) – including users and their entitlements.
-
Discovery of objects (instances, storage, etc.) visible to the outside world
-
Insufficient password policies, lack of MFA, and other authorization misconfigurations
-
Missing or insufficient backup/recovery systems
-
Default or over-privileged configurations (such as storage being read/write enabled for all users)
-
Many other Cloud-specific infrastructure and identity misconfigurations
Third, Cymulate ASM can perform network discovery and vulnerability scanning. By using an existing or net new Cymulate Agent or by leveraging a virtual instance image provided by Cymulate (or both), this feature can:
-
Discover networks and systems visible to the Agent/Instance (only one Agent or Instance is needed per network environment/segment)
-
Find open ports and other network-specific network misconfigurations
-
Identify outdated OS’s and applications (and other device misconfigurations)
-
Discover weak passwords, weak encryption, open shares, and other system-level misconfigurations
Highlight SNMP, Remote Access, and other environment misconfigurations
As with Active Directory discovery and scanning, network discovery and vulnerability scanning can be performed equally effectively on-premises and in Cloud Infrastructure-as-a-Service environments.
Finally, for on-premises environments, AWS and GCP environments, and Azure/on-premises hybrid environments, Cymulate ASM can map and analyze potential viable attack paths.
An on-Premises hybrid with AWS and GCP is in development.
For Azure/on-premises hybrid and on-premises or AWS and GCP non-hybrid environments, this feature set allows an organization to see how a threat actor could leverage misconfigurations, lax permissions, identity issues, vulnerabilities, and other discovered issues to perform an attack from the outside world to “crown jewels” such as databases, confidential information, etc.
As this Unified Attack Path Mapping and Analysis (UAPMA) is not limited to only on-premises infrastructure or only Cloud infrastructure, a significantly more complete and detailed picture of viable attack paths and techniques can be discovered when compared to performing such scanning operations only in one infrastructure or the other.
Interconnections, trusts, permissions, and other factors can change the path of an attacker in unexpected ways. Identifying and seeing these paths (displayed as graphs and detailed information) allows the organization to quickly identify and close gaps without disrupting business operations.
This is a major expansion of the Cymulate ASM product, designed to provide a complete solution for vulnerability scanning and security control/configuration analysis for smaller organizations; and a powerful new tool for larger organizations to integrate into their tech stack.
In both cases, the organization gains the ability to see more than just what needs to be patched, and to leverage more information from more sources to determine the priority of each remediation action.
UAPMA allows organizations to find breakpoints that can render an attack path non-viable without disrupting business operations and applications.
Hybrid environment support gives even greater flexibility and more targeted prioritization by considering how attacks can propagate – not only within one infrastructure set but also between the Cloud and on-premises infrastructure sets, to facilitate much more direct corrective action across the organization.
To learn more about Cymulates expanded ASM solution, see the datasheet here, or please visit cymulate.com/attack-surface-management.
The Cymulate cybersecurity risk validation and exposure management solution provide security professionals with the ability to continuously challenge, validate and optimize their on-premises and Cloud cyber-security posture with end-to-end visualization across the MITRE ATT&CK® framework.
Cymulate provides automated, expert, and threat intelligence-led risk assessments that are simple to deploy and easy for organizations of all cybersecurity maturity levels to use.
The company also provides an open framework for creating and automating red and purple teaming exercises by generating tailored penetration scenarios and advanced attack campaigns for their unique environments and security policies.
(See how you can operationalize threat intelligence and the MITRE ATT&CK framework for continuous purple teaming, to continuously challenge, assess, and optimize your security controls across the full cyber kill chain. Automated, comprehensive & prescriptive. Courtesy of Cymulate and YouTube.)
For more information, visit www.cymulate.com.
Cymulate Takes Platinum in 2022 ‘ASTORS’ Homeland Security Awards Program
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now entering it’s Eighth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
Cymulate
Best Breach & Attack Simulation (BAS) Platform
-
Cymulate Extended Security Posture Management Platform
-
Cymulate’s Breach and Attack Simulation solution, is part of its industry-setting Extended Security Posture Management (XPSM) platform and leverages the MITRE ATT&CK® framework end-to-end.
-
It enables companies to challenge, assess and optimize their cyber-security posture against the evolving threat landscape, simply and continuously, and helps security professionals control their environment and provides out-of-the-box, expert and threat intelligence-led RISK assessments, simple to use for all skill levels, updated 24/7.
-
It provides an open framework for ethical hackers to create and automate red and purple team exercises and security assurance programs tailored to their environment and security policies.
-
Cymulate’s Breach and Attack Simulation solution is the first vendor to be deployed with three additional fundamental security pillars: Attack Surface Management, Continuous Automated Red Teaming (CART) and Advanced Purple Teaming in one solution.
(Cymulate’s powerful continuous and automatic Extended Security Posture management solutions give cybersecurity professionals the confidence to make data-driven and intelligence-led decisions. With easy-to-understand dashboards constantly assessing their attack surface, endpoint security, web gateways, email gateway, and more, security professionals can explain and rationalize their security posture with up-the-minute information. Courtesy of Cymulate and YouTube.)
-
This year Cymulate launched a co-managed solution, Amplify, which is an extension of its BAS solution. Amplify is a human powered offering designed to accelerate the implementation and optimization of their continuous security assurance. By providing an on-hand advisor, Amplify augments in-house security teams to better leverage Cymulate’s platform and manage the optimization of a network’s cyber-security posture, end-to-end across the entire MITRE ATT&CK® framework.
-
Cymulate eliminates blind spots by assessing the current security posture of an organization and establishes a security baseline for visibility and control, and for Cymulate’s customers with stretched security teams, Amplify helps them close security gaps quickly and efficiently, rationalizing technology, helping upskill staff and improving processes.
-
Cymulate also recently added to its holistic security controls validation and posture assessment platform, dynamic dashboards which provide context by consolidating insights from across thousands of attack campaigns and scenarios, to empower security managers to make educated decisions in their cybersecurity strategy, prioritize workloads and reduce the risk substantially and quickly.
-
Cymulate, deployed by hundreds of customers including Fortune 500 companies, achieved 100% in revenue growth globally, and about 200% growth in North America in 2021 new bookings.
- *Cymulate was also recognized in the 2021, and 2019 ‘ASTORS’ Homeland Security Awards Programs.
The continually evolving ‘ASTORS’ Awards Program will highlight the trail of Accomplished Women in Leadership in 2023 and the Significance and Positive Impact of Advancing Diversity and Inclusion in our Next Generation of Government and Industry Leaders. Because #MentorshipMatters.
So be on the lookout for exciting upcoming announcements of Speakers, Presenters, Book Signing Opportunities, and Attendees at the 2023 ‘ASTORS’ Awards Presentation Luncheon in November of 2023 in New York City!
Nominations are currently being accepted for the 2023 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.
Comprehensive List of Categories Include:
| Access Control/ Identification | Personal/Protective Equipment | Law Enforcement Counter Terrorism |
| Perimeter Barrier/ Deterrent System | Interagency Interdiction Operation | Cloud Computing/Storage Solution |
| Facial/IRIS Recognition | Body Worn Video Product | Cyber Security |
| Video Surveillance/VMS | Mobile Technology | Anti-Malware |
| Audio Analytics | Disaster Preparedness | ID Management |
| Thermal/Infrared Camera | Mass Notification System | Fire & Safety |
| Metal/Weapon Detection | Rescue Operations | Critical Infrastructure |
| License Plate Recognition | Detection Products | COVID Innovations |
| Workforce Management | Government Security Programs | And Many Others to Choose From! |
Don’t see a Direct Hit for your Product, Agency or Organization?
Submit your category recommendation for consideration to Michael Madsen, AST Publisher, at: mmadsen@americansecuritytoday.com.
Homeland Security remains at the forefront of our national conversation as we experience an immigration crisis along our southern border and crime rates that are dramatically higher than before the Pandemic across the United States.
These challenges have become a national priority with an influx of investments in innovative new technologies and systems.
Enter American Security Today, the #1 publication and media platform in the Government Security and Homeland Security fields, with a circulation of over 75,000 readers and many tens of thousands more who visit our AST website at www.americansecuritytoday.com each month.
The pinnacle of the Annual ‘ASTORS’ Awards Program is the Annual ‘ASTORS’ Awards Ceremony Luncheon Banquet, an exclusive, full-course plated meal event, in the heart of New York City.
The 2022 exclusive sold-out ‘ASTORS’ luncheon featured representatives of law enforcement, public safety, and industry leaders who came together to honor the selfless service of those who stand on the front lines and those who stand beside them – providing the capabilities and technologies to create a safer world for generations to come.
Last year marked the 20th anniversary of the Department of Homeland Security (DHS), which came out in force to discuss comprehensive collaborations between private and public sectors that have led to the development of intelligence and technologies which serve to protect our nation.
The keynote address was provided by U.S. Customs and Border Protection (CBP) Office of Field Operations (OFO) Deputy Executive Assistant Commissioner (DEAC) Diane Sabatino, who described the changes to CBP through the tragedy of 9/11 and the relentless commitment to its mission and ongoing investment in the latest technologies and innovations to protect our borders and Homeland.
The resounding theme of the DEAC’s remarks was her pride in the women and men of the CBP and their families who support them.
AST was also joined by Legendary Police Commissioner William Bratton, who spoke about his love for the City of New York, the Profession of law enforcement to which he has dedicated his life, and for which he continues to drive thought leadership and innovation.
New York City Police Department (NYPD) Chief of Department Kenneth Corey, came out to address Luncheon attendees and shared some of his experiences and the changes in policing he’s witnessed over his more than three decades of service.
FDNY Chief Joseph Jardin honored the men and women of the FDNY, not only those who currently serve but all of those who have selflessly served, with special recognition of those lost on 9/11.
Chief Jardin spoke about the continuing health battle of many following 9/11 with cancer and respiratory disease, yet now knowing the full consequences, would not have made a different decision to respond.
As Chief Jardin noted, mission-driven service is the lifeblood of every firefighter, volunteer, and sworn member, and has been so throughout the history of the Fire Service.
Former head of the FBI’s active shooter program, Katherine Schweit joined AST to sign complimentary copies of her book, ‘STOP THE KILLING: How to End the Mass Shooting Crisis,’ thanks to the generosity of our 2022 ‘ASTORS’ Awards Sponsors.
The 2022 ‘ASTORS’ Awards Program was Proudly Sponsored by NEC National Security Systems (NSS), ATI Systems, Automatic Systems of America, guardDog AI, Fortior Solutions, IPVideo Corporation, Rajant Corporation, RX Global, and SIMS Software!
We were pleased to welcome the esteemed New York City Fire Department (FDNY); the New York City Police Department (NYPD); and the NYC Hospital Police, as well as Executive Management from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), and many other DHS agencies, Federal law enforcement agencies, and private/public partnerships such as the National Association of Women Law Enforcement Executives (NAWLEE), the 30×30 Initiative, a coalition of professionals advancing the representation of women in policing; and Operation Lifesaver, Inc. (OLI) (rail safety advocates).
The prestigious Annual ‘ASTORS’ Homeland Security Awards Program highlights the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition and keep our Nation safe – one facility, street, and city at a time.
In 2022 over 240 distinguished guests representing Federal, State, and Local Governments, and Industry Leading Corporate Firms gathered from across North America, Europe, and the Middle East to be honored among their peers in their respective fields.
Each year, to keep our communities safe and secure, security dealers, installers, integrators, and consultants, along with corporate, government, and law enforcement/first responder practitioners, convene in New York City to network, learn and evaluate the latest technologies and solutions from premier exhibiting brands at ISC East, the Natural Disaster & Emergency Management Expo (NDEM EXPO), and the ASIS NYC Expo.
ISC East is the Northeast’s leading security & public safety event, hosted in collaboration with sponsor Security Industry Association (SIA) and in partnership with ASIS NYC.
Corporate firms, the majority of which return year to year to build upon their Legacy of Wins, include:
Advanced Detection Technologies, AMAROK, ATI Systems, Axis Communications, Automatic Systems, BriefCam, Canon U.S.A., Cellbusters, CornellCookson, CyberArk Fortior Solutions, guardDog.ai, Hanwha Techwin of America, High Rise Escape Systems, IPVideo Corporation, Konica Minolta Business Solutions, NEC National Security Systems, NICE Public Safety, OnSolve, PureTech Systems, Quantum Corporation, Rave Mobile Safety, Regroup Mass Notification, Robotic Assistance Devices, Rajant Corporation, SafeLogic, Select Engineering Services LLC, Singlewire Software, SolarWinds Worldwide, Teledyne FLIR, Valor Systems, and West Virginia American Access Control Systems, just to name a few!
Why American Security Today?
The traditional security marketplace has long been covered by a host of publications putting forward the old-school basics to what is Today – a fast-changing security landscape.
American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State, and local levels of government as well as firms allied to the government.
American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers’ eyes throughout the story with cutting-edge editorial that provides solutions to their challenges.
Harness the Power of the Web – with our 100% Mobile Friendly Publications
AST Digital Publications are distributed to over 75,000 qualified government and homeland security professionals, in federal, state, local, and private security sectors.
‘PROTECTING OUR NATION, ONE CITY AT A TIME’
AST Reaches both Private & Public Experts, essential to meeting these new challenges.
Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture, and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.
These experts are from Government at the federal, state, and local levels as well as from private firms allied to the government.
AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website, and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.
AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.
Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.
To learn more, please see the 2022 ‘ASTORS’ CHAMPIONS Edition Fully Interactive Magazine – the Best Products of 2022 ‘A Year in Review.’
The Annual CHAMPIONS edition reviews ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firm’s products and services, including video interviews and more.
The 2022 CHAMPIONS serves as your Go-To Source through the year for ‘The Best of 2022 Products and Services‘ endorsed by American Security Today – and can satisfy your agency’s and/or organization’s most pressing Homeland Security and Public Safety needs.
From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection, and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware, and Networking Security – to name a few), the 2022 ‘ASTORS’ CHAMPIONS EDITION has what you need to Detect, Delay, Respond to, and Mitigate today’s real-time threats in our constantly evolving security landscape.
It also features guest editorial pieces from some of the security industry’s most respected leaders and recognized firms in the 2022 ‘ASTORS’ Awards Program.
For more information on All Things American Security Today, as well as the 2023 ‘ASTORS’ Awards Program, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.
AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:
- Provides named sources
- Reported by more than one notable outlet
- Includes supporting video, direct statements, or photos
Subscribe to the AST Daily News Alert Here.
Learn More…
2023 ‘ASTORS’ Homeland Security Awards Early Entry Discount OPEN
