XM Cyber, the multi-award-winning breach and attack simulation (BAS) leader, unveiled new capabilities and features for its fully automated purple team platform HaXM. XM Cyber has significantly expanded the capabilities of HaXM, which now enables customers to perform real exploits on demand, conduct automated social engineering, integrate directly with their SIEM systems and more. The company has also achieved ISO/IEC 27001:2013 certification.
HaXM, the leading breach and attack simulation (BAS) platform, continuously exposes attack vectors from breach point to any organizational critical asset. This continuous loop of automated red teaming is completed by ongoing and prioritized actionable remediation of security gaps. In effect, HaXM operates as an automated purple team that fluidly combines red and blue teams’ processes to ensure that organizations are always one step ahead of the attack.
New Capabilities and Features
XM Cyber’s platform is newly enhanced with the following additions:
- Validation Module – Customers can now perform on-demand exploitation of their networks and hosts, using MITRE ATT&CK™ and threat actor aligned tactics, techniques and procedures (TTP).
- Social Engineering Integration – Customers can now view the complete attack path starting from a social engineering breach point such as a phishing email, all the way to the crown jewels.
- MITRE ATT&CK™ Framework Alignment – XM Cyber is now aligned with MITRE ATT&CK™, a curated knowledge base and model for cyber adversary behavior.
- CISO Dashboard – This new dashboard exposes at-a-glance risk scoring, as well as the organization’s security posture changes over time.
- SIEM Integration – HaXM now seamlessly connects with SIEM systems, allowing customers to take advantage of XM Cyber’s insights while working within their standard security flows.
- “What-If” Capability – Customers can now answer the question, “What happens if I follow the remediation plan?” In other words, they can measure the impact of the remediation by running a new simulation that assumes the remediation was performed.
“We are proud to unveil this robust new version of our award-winning HaXM platform,” said XM Cyber CEO Noam Erez. “With its unparalleled breadth and depth of capabilities, HaXM offers enterprises a continuous 360° view of at-risk critical assets and key security issues, along with in-depth remediation guidance for each.”
Achieving Certification ISO/IEC 27001:2013
ISO/IEC 27001:2013 specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
“By achieving this globally recognized certification, XM Cyber has demonstrated a commitment to maximizing our customers’ security defenses,” said Erez. “We strive to protect our customers’ data as well as our systems. We are following top information security standards and best practices, to which all XM Cyber’s employees are committed.”
About XM® Cyber
XM Cyber provides the first fully automated breach and attack simulation (BAS) platform to continuously expose attack vectors, from breach point to any organizational critical asset. This continuous loop of automated red teaming is completed by ongoing and prioritized actionable remediation of security gaps. In effect, HaXM® by XM Cyber operates as an automated purple team that fluidly combines red team and blue team processes to ensure that organizations are always one step ahead of the attack. XM Cyber has already received over 16 industry awards, including being recognized as a “Technology Pioneer” by the World Economic Forum. XM Cyber’s customers include leading financial institutions, critical infrastructure organizations and manufacturers across North America, Europe, and Israel.
XM Cyber was founded by the highest caliber of security executives from the elite Israeli intelligence sector. Together they bring a proven track record in both the offensive and defensive cyber security domain. The company is headquartered in Israel and has offices in the US, UK and Australia.
For more information: www.xmcyber.com