
Response to US-CERT Alert (AA22-174A): Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems
Adversary Emulation
To validate cybersecurity effectiveness against real-world threats, organizations need a platform that can emulate the adversary with specificity and realism at every step in the cyberattack process. This is no small feat. On the basis of cutting-edge research, AttackIQ’s platform architecture helps customers validate their program effectiveness against real-world adversary behaviors.
In an industry first, AttackIQ’s Informed Defense Architecture (AIDA) is the only adversary emulation architecture built to test artificial intelligence (AI) and machine learning- (ML) based cyberdefense technologies in production, while emulating comprehensive, multi-stage attacks. The result is that customers can better test their people, processes, and defensive technologies against advanced persistent threats.
The AttackIQ Hosted Agent makes it easy to deploy the Security Optimization Platform, streamlining the customer experience by providing a managed, external source and target, and making it easy to emulate advanced adversary behaviors.
The Anatomic Engine makes it easy for operators of all skill levels to create complex adversary attack graphs (or attack flows) that are purpose built for emulating attacker patterns. Enumerating complete kill-chain sequences in this manner provides high-level efficacy when testing modern ML and AI based security controls.
AttackIQ’s Network Control Validation Module combines a comprehensive network topology map with adversarial attack replays. This helps organizations to rapidly exercise the end-to-end validation of network-deployed security controls and gives technology-specific remediation guidance, ensuring that customers get the most out of their cyberdefense investments.
Organizations have moved rapidly to the cloud without a commensurate strategy for securing it. On the basis of innovative research from MITRE Engenuity’s Center for Threat-Informed Defense, cybersecurity teams can now leverage the ATT&CK framework against security controls within Azure to optimize cloud security effectiveness.