AttackIQ Academy: Ryan Williams Interview
To validate cybersecurity effectiveness against real-world threats, organizations need a platform that can emulate the adversary with specificity and realism at every step in the cyberattack process. This is no small feat. On the basis of cutting-edge research, AttackIQ has evolved its platform architecture to help customers better validate their program effectiveness against known adversary behaviors.
In an industry first, AttackIQ’s Informed Defense Architecture (AIDA) is now the only adversary emulation architecture built to test artificial intelligence (AI) and machine learning- (ML) based cyberdefense technologies in production, while emulating comprehensive, multi-stage attacks.
This innovation accounts for significant evolutions in security technologies and in the AttackIQ Security Optimization Platform. In recent years, advanced persistent threats have increased the sophistication and impact of their cyberattacks. Concurrent with the evolving threat, our partners’ have matured their cyberdefense technologies; the cybersecurity industry’s adoption of machine learning (ML) and artificial intelligence (AI)-enabled defense capabilities has improved the world’s security posture against advanced persistent threats.
Yet even the best technologies, the best personnel, and the best processes do not always perform as intended. Even the most advanced cyberdefense capabilities still need to be constantly tested and validated to ensure they are working as expected.
On this basis, AttackIQ has extended its “Informed Defense” Architecture to better emulate adversary campaigns while concurrently making it easier for cybersecurity teams to consume adversary behaviors to test their cyberdefense capabilities. These innovations simplify the process of evaluating security control performance across distributed environments and accelerate customers’ adoption of a threat-informed defense across the security program. The result is that customers can better test their people, processes, and defensive technologies against advanced persistent threat emulations.
The AttackIQ Hosted Agent simplifies the process of deploying the Security Optimization Platform, improving the customer experience by providing a managed, external source and target, making it much simpler to emulate advanced adversary behaviors.
The Anatomic Engine makes it easy for operators of all skill levels to create complex adversary attack graphs (or attack flows) that are purpose built for emulating attacker patterns. Enumerating complete kill-chain sequences in this manner provides high-level efficacy when testing modern ML and AI based security controls.
AttackIQ’s Network Control Validation Module combines a new comprehensive network topology map with adversarial attack replays. This helps organizations to rapidly exercise the end-to-end validation of network-deployed security controls and gives technology-specific remediation guidance, ensuring that customers get the most out of their cyberdefense investments.*
With these platform innovations, AttackIQ customers will improve their cyberdefense effectiveness in a number of ways. AttackIQ’s Anatomic Engine combines the industry’s leading atomic testing capabilities with the most comprehensive adversary emulation capabilities available on the market. By chaining attacks together in a graph, the Anatomic Engine allows organizations in a user interface to measure their defenses against a series of attacker patterns. With the AttackIQ Network Control Validation Module, customers who use next-generation firewalls and other AI and ML-based defense technologies can operate with increased confidence in their network security effectiveness. Lastly, with hosted agent innovations, the AttackIQ Security Optimization Platform deploys with greater ease, freeing up the security team’s time and energy for other matters. The net result is an overall increase in security program ease of use and effectiveness.