NEW YORK CITY, April 9, 2019 – Cybersecurity company CipherTechs today announced a new partnership with Israel-based Cymulate that will bring Cymulate’s breach and attack simulation technology to U.S. customers. The alliance will combine Cymulate’s technology with CipherTechs’ offensive security expertise, enabling companies to identify security gaps in their IT infrastructure and provide actionable insights to remedy those gaps.
Cymulate is an award-winning breach and attack simulation platform developed by an elite team of researchers and developers previously from the Israeli Defense Forces frustrated by the time and resource inefficiencies they experienced while conducting cybersecurity operations. The platform uses sophisticated Software-as-a-Service (SaaS) applications to simulate the – tactics, strategies and techniques employed by hackers to attack enterprise infrastructures.
CipherTechs leverages the MITRE ATT&CK framework for its offensive security engagements and sees Cymulate as an efficient tool for challenging defenses across the ATT&CK matrix. Cymulate provides risk scoring metrics allowing security executives to measure the effectiveness of current security configurations before and after any infrastructure change or introduction of new security solutions. Cymulate allows executives to make more informed decisions where vendor bake-offs can be qualified based on how they stand up to the MITRE ATT&CK framework rather than subjective measurements such as how well a vendor product performs in a contrived proof-of-concept environment. CipherTechs intends to promote the Cymulate platform as a product and as a managed service to provide professional Purple Team exercises for existing MSSP customers to identify and close defensive gaps. Equipped with Cymulate, the CipherTechs managed service team can rapidly help clients improve their defenses in a measurable and disciplined manner. In addition, the CipherTechs offensive security team can use Cymulate on Purple Team engagements to precisely mimic the full spectrum of hacker techniques providing realistic simulations of exploitation. CipherTechs can then provide recommendations regarding infrastructure and security product configurations to optimize a company’s defensive capabilities.
MITRE has done an outstanding job of identifying an exhaustive list of classes of attacks and attack techniques. Likewise, Cymulate has done an incredible job productizing these attacks into repeatable unit tests.
“This is the beginning of a new era of data driven defense decisions and CipherTechs is excited about the opportunity to begin incorporating Cymulate as a key component of the DevSecOps initiatives for our clients. CipherTechs’ expertise in offensive security can help companies utilize Cymulate’s capabilities to the fullest,” said Marek Surdykowski, chief technology officer at CipherTechs. “CipherTechs is known for being one of the best at designing and running comprehensive simulations for testing a network’s security posture. With Cymulate, they can now analyze a company’s ability to cope with exploitation threats in email, browsing, infrastructure, and other entry points, as well as improve awareness among employees against phishing, ransomware and other attacks.”
CipherTechs will offer Cymulate as a product to its customers and as a managed service within its suite of risk and vulnerability assessment solutions.