Critical capabilities for cloud address challenges faced by security teams looking to validate container and identity and access management controls
Cymulate, the leader in exposure management and security validation, today announced innovations designed to deliver threat-informed defense through comprehensive exposure management and security validation for cloud infrastructure. The Cymulate Exposure Management and Security Validation platform now includes new and expanded cloud-focused attack simulation templates and resources to cover all major public cloud providers – AWS, Azure, and GCP.
Attacks on containers are on a sharp rise, underscoring the need to better secure Kubernetes environments and validate the efficacy of security controls. According to a recent study, over half of organizations have experienced software supply chain issues related to cloud-native and containerized development in the past 12 months.
“In similar ways to how on-premises exposure management has evolved, cloud security posture management (CSPM) is maturing beyond understanding misconfigurations and attack paths to include capabilities for security control validation, breach feasibility assessment, and business risk context to effectively prioritize remediations,” said Avihai Ben-Yossef, CTO at Cymulate. “The Cymulate expansion of cloud and Kubernetes scenarios builds on existing cloud and traditional security validation features in the Cymulate platform to manage cloud exposures as part of an exposure management program.”
With more than 500 customers worldwide, Cymulate provides the security validation critical to managing the security posture for cloud infrastructure as well as traditional IT. The Cymulate platform provides a comprehensive and scalable solution for security leaders, regardless of their security posture maturity, to drive their continuous threat exposure management (CTEM) program and support both the technical and business requirements of scoping, discovery, prioritization, validation, and mobilization.
CTEM Alignment
- Scoping: Scope exposure management for cloud deployments by adding business context to cloud resources and business impact related to cloud availability, sensitive data in cloud storage, business processes supported by cloud, etc.
- Discovery: The full cloud environment and understand its cybersecurity posture by mapping attack surface, identify assets & identify misconfigurations across clouds, ground to cloud, and cloud to ground.
- Validation: Validate cloud controls, policies, and defensive capabilities to detect and respond to attackers (who gain access to cloud environments).
- Prioritization: Prioritize mitigations (such as updated cloud policies, control policies, new controls) with context of business impact, compensating controls, and breach feasibility.
- Mobilization: Mobilize action and cloud remediations across teams with remediation guidance for correcting cloud misconfigurations or implementing new policies or new controls. Measure cyber security posture and baseline exposure risk for both cloud deployments and cloud as part of the collective IT infrastructure.
Cymulate Cloud Exposure Management Offerings and Capabilities
Cymulate ASM: Discovers cloud assets across AWS, Azure, and GCP to inventory VMs, storage objects across AWS, Azure and GCP, VPCs (Virtual Private Clouds), entitlements, Kubernetes containers, and more. Identifies misconfigurations for both internal (authenticated) & external (un-authenticated) assets and deployments. Unified attack path mapping creates a visual roadmap and analysis across multi-cloud, on-prem, and hybrid environments.
Cymulate BAS: Validates core controls for cloud assets vs. malicious behaviors, including those specific to cloud threats. Immediate threats module validates control detection of emergent threat activity against cloud assets.
Cymulate BAS Advanced Scenarios: Validates configuration best practices for cloud and Kubernetes policy configuration. Validates cloud controls vs malicious activity targeted at user access, secrets management, data exfiltration, ransomware, container discovery, and much more. Provides an open framework to create, store, modify, and execute both simple and sophisticated assessments using custom or out-of-the-box resources.
Cymulate CART: Validates potential propagation within the cloud and from cloud to on-prem and back with automated network penetration testing.
Cymulate Exposure Analytics: Ingests, aggregates, and correlates data from Cymulate ASM, BAS and CART as well as cloud infrastructure and other third-party systems. The solution brings business context to cybersecurity programs to create a common language for managing risk. By building contextualized risk profiles, exposure analytics prioritizes remediation and provides mitigation guidance for validated security gaps – across cloud, on-prem and hybrid. Measures and baselines security resilience for cloud deployments. Maps controls and security findings to control frameworks – including MITRE ATT&CK Cloud Matrix.
The Black Hat USA 2023 conference takes place at the Mandalay Bay Convention Center in Las Vegas from August 9-10. Attendees can see Cymulate’s technology in action at Booth #2934.
Resources
About Cymulate
Cymulate, the leader in exposure management and security validation, provides a modular platform for continuously assessing, testing, and improving cybersecurity resilience against emergent threats, evolving environments, and digital transformations. The solution has a quantifiable impact across all five continuous threat exposure management (CTEM) program pillars and on a business’s ability to reduce risk by understanding, tracking, and improving its security posture. Customers can choose from its Attack Surface Management (ASM) product for risk-based asset profiling and attack path validation, Breach and Attack Simulation (BAS) for simulated threat testing and security control validation, Continuous Automate Red Teaming (CART) for vulnerability assessment, scenario-based and custom testing, and Exposure Analytics for ingesting Cymulate and third-party data to understand and prioritize exposures in the context of business initiatives and cyber resilience communications to executives, boards, and stakeholders. For more information, visit www.cymulate.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20230808853426/en/
Contacts
Media Contact
Katrina Porter
Sr. Manager, Marketing Communications at Cymulate
katrinap@cymulate.com
1-831-227-0776