Cymulate automatically identifies security gaps in one click and tells you exactly how to fix them. Cymulate is a SaaS-based breach and attack simulation platform that makes it simple to know and optimize your security posture any time, all the time and empowers companies to safeguard their business-critical assets. With just a few clicks, Cymulate challenges your security controls by initiating thousands of attack simulations, showing you exactly where you’re exposed and how to fix it, making security continuous, fast and part of everyday activities. Cymulate runs quietly in the background without slowing down your business activities. Deploy a single lightweight agent to start running unlimited attack simulations. The easy to use interface makes it simple to understand your security posture.

Cymulate products Full Kill-Chain APT
Since an Advanced Persistent Threat (APT) attempts to bypass security controls across the cyber kill chain, from attack delivery to exploitation and post-exploitation, defending against an APT requires testing the effectiveness of multiple security controls within your arsenal. Since the efficacy of one control affects the exposure of the next control in the kill chain, ascertaining if your defenses work against a full-blown attack becomes a daunting proposition. Cymulate’s Full Kill-Chain APT Simulation Module solves the challenge of security effectiveness testing across the entire cyber kill chain by instrumenting your security framework in a comprehensive and easy-to-use manner. Instead of challenging each attack vector separately, organizations can now run a simulation of a full-scale APT attack with a click of a button, and gain a convenient, single-pane view of security gaps across their arsenal.

Email Gateway This vector is designed to evaluate your organization’s email security and potential exposure to a number of malicious payloads sent by email. The simulated attack exposes critical vulnerabilities within the email security framework. By sending emails with attachments containing ransomware, worms, Trojans, or links to malicious websites, the simulation reveals if simulated malicious emails could bypass your organizations’ first line of defense and reach your employees’ inbox. After running a simulation, the next step would be to test employees’ security awareness regarding socially engineered emails that try to lure them into opening malicious attachments, disclosing their credentials or clicking on malicious links. The simulation results are presented in an easy-to-understand comprehensive report. Mitigation recommendations are offered for each security gap discovered depending on the type of attack simulated, and how far the threat has managed to bypass security controls and distribute itself, enabling IT and security teams to take the appropriate countermeasures.

Web Gateway Cymulate’s Web Gateway cyber attack simulation vector is designed to evaluate your organization’s inbound and outbound exposure to malicious or compromised websites and current capabilities to analyze any inbound traffic. It enables you to verify your organization’s exposure to an extensive and continuously growing database of malicious and compromised websites. Immediate, actionable simulation results enable IT and security teams to identify security gaps, prioritize remediation and take corrective measures to reduce your organization’s attack surface.

Web Application Firewall WAF (Web Application Firewall) vector challenges your WAF security resilience to web payloads and assists in protecting your web apps from future attacks. With Cymulate’s WAF attack simulation, you can check if your WAF configuration, implementation and features are able to block payloads before they get anywhere near your web applications. The platform simulates an attacker who tries to bypass your organization’s WAF and reaches the web application, after which they attempt to perform malicious actions such as mining sensitive information, inflicting damage and forwarding users to infected websites using applicative attacks such as cross-site scripting (XSS), SQL and command injections. At the end of each WAF attack simulation, or other simulation vector, a Cymulate Risk Score is provided, indicating the organization’s exposure, along with other KPI metrics and actionable guidelines to fine-tune controls and close security gaps.

Phishing Awareness This vector helps companies asses their employees' awareness to socially engineered attack campaigns. Cymulate’s Phishing Awareness vector is designed to evaluate your employees’ security awareness. It simulates phishing campaigns and detects weak links in your organization. Since it is designed to reduce the risk of spear-phishing, ransomware or CEO fraud, the solution can help you to deter data breaches, minimize malware-related downtime and save money on incident response. Security awareness among employees is tested by creating and executing simulated, customized phishing campaigns enabling you to detect who are the weakest links in your organization. The phishing simulation utilizes ready-made out-of-the-box templates or custom-built templates assigned to a corresponding landing page with dummy malicious links. At the end of the simulation, a report is generated summarizing statistics and details of employees who have opened the email, and those who have clicked on the dummy malicious link, enabling organizations to assess their employees’ readiness to identify hazardous email.

Endpoint Security Cymulate’s Endpoint Security vector allows organizations to deploy and run simulations of ransomware, Trojans, worms, and viruses on a dedicated endpoint in a controlled and safe manner. The attacks simulation ascertains if the security products are tuned properly and are actually protecting your organization’s critical assets against the latest attack methods. The comprehensive testing covers all aspects of endpoint security, including but not limited to: behavioral detection, virus detection, and known vulnerabilities. The endpoint attack simulation results offer immediate, actionable results, including Cymulate’s risk score, KPI metrics, remediation prioritization and technical and executive-level reporting.

Lateral Movement Lateral Movement (Hopper) vector challenges companies internal networks against different techniques and methods used by attackers to gain access and control additional systems on a network, following the initial compromise of single system. Cymulate’s Lateral Movement vector simulates a compromised workstation inside the organization and exposes the risk posed by a potential cyberattack or threat. Various techniques and methods are used to laterally move inside the network. The platform uses a sophisticated and effective algorithm to mimic all the common and clever techniques that the most skilled hackers use to move around inside the network. The Hopper attack simulation results are presented in an interactive graphic diagram that shows the attacker’s lateral movement path, along with Cymulate’s risk score, KPI metrics and actionable mitigation recommendations. By taking corrective action, IT and security teams can take the appropriate countermeasures to increase their internal network security.

Data Exfiltration The vector challenges company's Data Loss Prevention (DLP) controls, enabling company to assess the security of outbound critical data before company sensitive information is exposed. The Data Exfiltration vector is designed to evaluate how well your DLP solutions and controls prevent any extraction of critical information from outside the organization. The platform tests the outbound flows of data (such as personally identifiable (PII), medical, financial and confidential business information) to validate that those information assets stay indoors. The attack simulation results are presented in a comprehensive and easy-to-use format, allowing organizations to understand their DLP-related security gaps and take the appropriate measures using actionable mitigation recommendations.

Immediate Threat Intelligence
Cymulate’s Immediate Threat Intelligence vector is designed to inform and evaluate your organization’s security posture as quickly as possible against the very latest cyber attacks. The simulation is created by the Cymulate Research Lab which catches and analyzes threats immediately after they are launched by cybercriminals and malicious hackers. By running this simulation, you can validate within a short time if your organization would be vulnerable to these latest threats and take measures before an attack takes place. The simulation results are presented in an easy-to-understand comprehensive report. Mitigation recommendations are offered for each threat that has been discovered, and vary according to the type of attack simulated, and the extent to which the attack was able to distribute itself. This allows the organization to truly understand its security posture and take action to improve or update controls where necessary.

ImmuniWeb AI Platform is a cybersecurity solution that illuminates external attack surface and Dark Web exposure for well-informed, risk-based and DevSecOps-enabled application penetration testing. Illuminate Your Attack Surface to Prioritize Testing Run Risk-Based Security Testing and Remediation Ensure Continuous Security Monitoring and Compliance   Main features: •          Holistic visibility of assets, risks and threats •          AI intensifies and accelerates human testing •          Risk-based and compliance-driven testing •          Moneyback for a single false positive •          DevSecOps & CI/CD integration   AI for Intelligent Automation and Acceleration ImmuniWeb leverages award-winning AI technology for intelligent automation and acceleration of laborious tasks and processes, saving as much as 90% of human time compared to traditional human services. Security experts handle only to the most complicated tasks and processes that truly deserve human intelligence.   Software Composition Analysis (SCA) technology SCA covers almost 9,000 JavaScript libraries with over 250,000 finger-printable versions. Including an enterprise software products from SAP and Oracle, and software web interfaces of network appliances from Cisco, F5, Fortinet, Juniper and VMware.   OWASP ASVS Mapping for Penetration Testing Products All security vulnerabilities, which can be classified by the CWE system, are equipped with the corresponding Requirement ID from the OWASP Application Security Verification Standard (ASVS). Both software engineers and cybersecurity professionals have enjoy a better and faster coordination for vulnerability remediation and security controls verification processes.   DevSecOps Integrations for Penetration Testing Products DevSecOps integrations for the penetration testing products, including integration with ServiceNow. Integrations foster native DevSecOps processes, enhance inter-team collaboration and enable faster vulnerability remediation process.

How Does Picus Work?

Deploy Picus promises an off-the-shelf software solution that can be installed and configured in hours. After software deployment, our users get their results within only minutes. Assess Identify security gaps in real-time and take action in minutes with Picus mitigation guidance. Mitigate For gaps revealed during our assessments, Picus provides vendor specific remediation signatures and creates a prioritization list. Measure Interactive dashboards present the overall picture with objective metrics and list the gaps revealed.

Key Benefits

Continuous & Real World Cyber-Threat Simulation

• No technology dependency
• No security vendor or version dependency
• Works in the Production Environment
• Functions in the most complex environments
• Pinpoints weaknesses and strengths of your defense layers in real-time
• Modules: HTTP/HTTPS/Endpoint/Email

Instant Security Control Metrics

• Measure - Picus tells you security effectiveness right now including all emerging threats
• Categorize - Picus helps you prioritize your security resources to where you need it the most
• Monitor - Picus continually assesses your resilience to threats
• Alarm - Picus sends alarms for the situations where your security risk increases

Detailed Analysis of Your Security Posture It doesn’t matter if you have a single security technology or a security stack composed of several technologies. Our black-box testing approach is independent from underlying security topology. This will enable you to reveal the effectiveness of a single system, or security posture provided by your security stack. Industry-Leading Mitigation Suggestions Picus mitigation suggestions are designed to deliver an actionable to-do list to increase your security level. Proposed actions are customized for existing security infrastructures. The easy-to-apply signatures are always ready for use. Picus also ships with an open source remediation know-how that can be consumed by your security technologies. Flexible Deployment, Easy Installation & Reports in Hours Picus promises an off-the-shelf software solution that can be installed and configured within hours to make sure users get their results within only minutes. Its flexible architecture supports both the Picus-hosted assessment for Internet vector testing and the on-site installation for internal and cross-zone vector testing. Picus exists as a virtual appliance or as software to run on physical or virtual Linux platforms.

InsightVM provides a fully available, scalable, and efficient way to collect your vulnerability data, turn it into answers, and minimize risk. InsightVM leverages the latest analytics and endpoint technology to discover vulnerabilities in a real-time view, pinpoint their location, prioritize them for your business, facilitate collaboration with other teams, and confirm your exposure has been reduced

Secure Your Modern Network Adapt to your modern network with full visibility of your ecosystem, prioritization of risk using attacker-based analytics, and SecOps-powered remediation. Pair that with unparalleled, ongoing research of the attacker mindset, and you’ll be ready to act before impact. Collect Data Across Your Ecosystem • Continuous Endpoint Monitoring Using the Insight Agent The Rapid7 Insight Agent automatically collects data from all your endpoints, even those from remote workers and sensitive assets that cannot be actively scanned, or that rarely join the corporate network. Pair InsightVM with Rapid7 InsightIDR to get a complete picture of the risks posed by your endpoints and their users. • Liveboards, Not Static Dashboards Drawing from fresh vulnerability data, InsightVM Liveboards are live and interactive by nature. You can easily create custom, tailored cards and full dashboards for anyone—from sysadmins to CISOs—and query each card with simple language to track progress of your security program. Visualize, prioritize, assign, and fix your exposures more easily than ever before. • Cloud, Virtual, and Container Assessment InsightVM integrates with cloud services, virtual infrastructure, and container repositories like Amazon Web Services, Microsoft Azure, and VMware to make sure you don’t miss any new instances and Docker containers that are brought online. You can also correlate deployed containers to assets, so you can secure both containers and container hosts—all at no additional cost.

Prioritize Using Attacker Analytics • Attacker-Based Risk Analysis Prioritize risk the way attackers would. InsightVM translates decades of attacker knowledge into proven analytics. The granular, 1-1000 Real Risk score takes into account CVSS scores, malware exposure, exploit exposure and ease of use, and vulnerability age. This makes it simpler—and more precise than CVSS alone—to prioritize vulnerabilities for remediation. Rapid7 Project Sonar data and threat feeds translate to dashboards within InsightVM, so you can understand which external network doors you’re missing and which vulnerabilities attackers are actively exploiting. • Live Remediation Planning Once the most critical vulnerabilities are brought to the surface, assign and track remediation duties in real time with Remediation Workflows. InsightVM integrates with IT ticketing solutions like Atlassian Jira and ServiceNow, making it easy for IT to take action. InsightVM also integrates with Rapid7 InsightConnect, our security orchestration and automation platform, to bring automation and prioritization to the patching process.

Remediate with SecOps Agility To move faster and more securely, you need to go beyond scanning in silos. InsightVM is built to enable collaboration with IT operations and developers through shared visibility, analytics, and automation. What does this look like in practice? InsightVM integrates with IT’s existing workflows and ticketing systems to provide remediation instructions with context, thus accelerating remediation, and provides actionable reporting on program progress for every audience—from IT and compliance to the C-Suite. On the development side of the house, InsightVM lets you assess containers to ensure services are secure before they go into production, and the Rapid7 Insight Agent helps infrastructure teams automatically assess new cloud infrastructure as soon as it goes live.

The SafeBreach platform provides unmatched visibility into an organization's true cyber-security posture. SafeBreach enables data-driven risk analysis, resource prioritization and guided mitigation. The platform continuously and safely tests and optimizes the effectiveness of your security infrastructure against the business value of your assets. Testing Your Security

• Deploy simulators within your organization's information ecosystem
• Specify the value of your IT resources and the types of tests that are relevant to your organization's defenses
• Execute the SafeBreach tests to fully validate the state of your security architecture

Prioritizing Results

• Visualize results across the kill chain, to easily identify where to focus remediation efforts
• Identify the security gaps which open the largest number of attack vectors and rank the gaps by their potential business impact
• Review the remediation options provided by the SafeBreach Insights instructions and set your priorities accordingly

Remediate Issues

• Review SafeBreach Insights information for detailed instructions and data on closing the security gaps
• Integrate with the broad range of SafeBreach technology partners to provide fully automated remediation
• Monitor and act on the regularly

How it works? The SafeBreach platform carries out continuous, automated testing of an organization’s security architecture using advanced, patented simulation technology. SafeBreach attack simulations are exact reproductions of an attacker's tactics and techniques, but pose no risk to the organization’s operations or assets. Attacks are executed between simulator instances deployed both within and outside the organization’s network. This approach provides broad coverage and fully tests the entire security ecosystem deployed by your organization.

HaXM by XM Cyber is the first breach and attack simulation (BAS) platform to simulate, validate and remediate attackers’ paths to your critical assets 24×7. HaXM’s automated purple teaming aligns red and blue teams to provide the full realistic APT experience on one hand while delivering vital prioritized remediation on the other. Addressing real user behavior and exploits, the full spectrum of scenarios is aligned to your organization’s own network to expose blind spots and is executed using the most up-to-date attack techniques safely, without affecting network availability and user experience. Safeguard your critical assets Always know the attack paths

• Continuously identifies attack vectors to your target assets 24×7
• Prioritizes actionable remediation

Reduce your IT Hygiene risk

• Provides significant IT hygiene lift
• Drives down IT security risk

Optimize your cyber resources

• Cost-effectively optimizes your cyber resources
• Runs risk score formula to quantify impact of breaches

Make data-driven decisions

• Measures attack critically then follows up with actionable remediation
• Reports justify security investment

The XM Cyber Approach Harnessing purple team power, HaXM by XM continuously optimizes red and blue team capabilities to expedite the entire exposure, assessment and remediation cycle and improve your security posture. Adopting a 360° end-to-end identification to remediation cycle, HaXM addresses your organization’s distinct network environment and user behavior 24×7. The XM Cyber Technology XM Cyber’s patented technology features proprietary algorithms that account for the most up-to-date attack techniques, endless customer specific scenarios and the human factor to perform advanced APT on the attack path to your critical assets. We use the latest simulation and assessment techniques to provide immediate validation of your security posture. The XM Cyber Team XM Cyber was founded by the highest caliber of security executives from the elite Israel intelligence sector. Together they bring a second-to-none proven track record in offensive and defensive cyber space.