AIQ Insights

Actionable. Incisive. Quantitative. Cutting-edge research into the art of adversary emulation.

A group of premier threat researchers and operators from around the world, AttackIQ’s Adversary Research Team (ART) develops cutting-edge insights on the latest threats coupled with actionable guidance on how to improve security readiness for customers and the public. Driven by intelligence and research, we help you validate your cyberdefenses against adversaries so you can proactively find and remediate gaps and achieve peak performance.

Stay up to date on our adversary research blog, adversary behavior studies, and demos. Sign up for AIQ Insights and we’ll deliver them straight to your inbox so you stay informed.

Subscribe to Our Research


Actionable Insights

AttackIQ Assessments and Attack Graphs

AttackIQ produces emulation plans in the form of atomic scenarios and end-to-end attack graphs that emulate the adversary. The AttackIQ Security Optimization Platform runs scenarios aligned to MITRE ATT&CK in production, at scale, and can run multiple assessments concurrently against your security program. AttackIQ’s attack graphs string together techniques and procedures in a chain, emulating the adversary and testing machine learning (ML) and artificial intelligence (AI)-enabled cyberdefense technologies. Attack graphs make it easier for organizations to visually measure their defense performance against the adversary.



US-CERT Rapid Response Assessments and Attack Graphs

AttackIQ responds within 24 hours to a U.S. government Computer Emergency Response Team (US-CERT) alert with an initial assessment and a blog for our customers to test their security posture against emergent threats. Within 72 hours, AttackIQ produces a comprehensive attack graph and blog to emulate the attacker, aligned to all of the MITRE ATT&CK tactics, techniques, and procedures in the alert.


Intelligence-Driven Insights

The AttackIQ adversary research team integrates open-source intelligence from MITRE ATT&CK and other analytic streams into the Security Optimization Platform to deliver a realistic threat-informed defense. In addition, the team drives research within the Center for Threat-Informed Defense, where AttackIQ is a founding research partner, to develop new operational concepts for effectiveness. Finally, the team communicates research findings to the public through the media and by presenting at events like BlackHat, SXSW, ATT&CKcon, and RSA, among others.

Check out our presentations at ATT&CKcon, SXSW, and RiskyBiz.


Quantitative Performance Data

The purpose of adversary emulation and the AttackIQ Security Optimization Platform is to generate quantitative insights that CISOs and security teams can use to improve their overall security program performance. Teams need to be able to answer questions from senior leaders, the board, and Congress: Are we ready for the next attack? How prepared are we, really? By running AttackIQ’s assessments and attack graphs against your security program, you generate real-time performance data to make adjustments, identify investment areas, and improve team cohesion to counter attacks.

Measure Point-in-Time Security Performance

Use adversary emulations to measure your security control performance at a single point in time.

Analyze Longitudinal Performance Data

Run emulations against your security program automatically and continuously over time to measure performance.

Generate Performance Metrics Against Multiple Threats

Analyze your security controls’ performance against specific threats, running assessments and attack graphs concurrently against all of your security controls and test points.

Automate Tasks with Jupyter Notebooks

Teams can use AttackIQ’s open API through the dozens of Jupyter Notebooks embedded within the AttackIQ Security Optimization Platform to automate emulation-related tasks and generate insightful charts and graphs that help your management and operations teams make decisions and move forward more effectively and efficiently. You can use AttackIQ’s provided Jupyter notebooks to analyze threat coverage against security controls, to analyze your entire security program against comprehensive adversary campaigns, to conduct side-by-side product comparisons of security vendors, or for other purposes. With AttackIQ’s open API, you can assign developers to generate new capabilities within the platform to meet your analytic needs. To learn more about using Jupyter notebooks.

Jackson Wells
Customer Solutions Engineer
(United States)
Shravan Ravi
Security Data Scientist
(United States)
Jonathan Reiber
VP, Cybersecurity Strategy and Policy
(United States)
Jose Barajas
Technical Director, Sales Engineering
(United States)