Seamless integration offers instant visibility into detection gaps and adversary detection rule generation
AttackIQ Flex 3.0 Unites Prevention and Detection with Splunk Integration, Boosting Analyst Efficiency and Simplifying Detection Engineering Outcomes
Media Contact
Allison Knight
10Fold for AttackIQ
attackiq@10fold.com
AttackIQ®, the leading independent vendor of breach and attack simulation (BAS) solutions and founding research partner of the MITRE Engenuity Center for Threat-Informed Defense (CTID), today announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience.
A Growing Need for Efficient and Accurate Threat Detection
As cyber threats grow more sophisticated, organizations are struggling to detect and mitigate breaches. In 2024, it takes organizations on average about 10 days to detect an attacker, while it only takes an adversary mere hours to accomplish their objective. Meanwhile, most organizations’ threat detection remains woefully out of date. These detection failures underscore the need for detection as the last line of defense between a breach and full-blown incident response. Effective detection allows organizations to contain breaches more efficiently, even at scale.
However, implementing effective detection remains a complex and resource-intensive process. Security teams face hundreds of detection requirements across incident response (IR), security operations centers (SOCs), and cyber threat Intelligence (CTI) teams. Writing and validating detection rules is prone to errors, often missing key tactics, techniques, and procedures (TTPs) used by adversaries. These gaps in detection leave organizations vulnerable, emphasizing the need for more efficient and accurate approaches to threat detection.
“When prevention fails, detection becomes your last line of defense in catching adversaries before full-blown incident response is required,” said Carl Wright, Chief Commercial Officer at AttackIQ. “We’re excited to partner with Splunk to bring Flex 3.0 to their customers worldwide, empowering them to strengthen their security posture with seamless, real-time detection and validation capabilities. Already, organizations using BAS have reported significant improvements, with a 37% increase in analyst efficiency and a 44% reduction in costs related to security breaches.”
The Flex original service provides detailed security performance metrics and mitigations in minutes, allowing organizations to conduct granular security validation without facing recurring fees or complex deployments.
Introducing Flex 3.0: Seamless Integration with Splunk for Automated Detection Improvement
With Flex 3.0, AttackIQ empowers security teams to take control of their detection strategies and stay ahead of evolving threats. Flex 3.0 offers agentless adversary emulation that can be run anywhere, providing organizations with instant visibility into their security control effectiveness. It also identifies detection gaps by delivering testing results fully integrated into the Splunk user experience via a native Flex integration. Leveraging AI-generated Yara and Sigma detection rules, organizations can now seamlessly improve their detection rules with new detections predicated on adversary emulations to identify security control gaps.
Flex 3.0 offers out-of-the-box tests derived from the latest adversary research, ensuring that organizations stay ahead of evolving threats. These tests provide critical detection and prevention insights from security controls, feeding directly into SIEM to ensure continuous monitoring and analysis.
Key Resources
- For more information on AttackIQ Flex 3.0, please check out the blog.
- Register for AttackIQ upcoming webinar “All About That BAS: Achieving SIEM Efficiency with Breach and Attack Simulation” on Tuesday, December 10 at 1:00 PM ET.
- For more information on AttackIQ Flex 3.0, please visit www.attackiq.com/products/flex.
About AttackIQ
AttackIQ, the leading independent vendor of breach and attack simulation solutions, built the industry's first Breach and Attack Simulation Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyber defenses work as expected, aligned with the MITRE ATT&CK framework.
The company is committed to supporting its MSSP partners with a Flexible Preactive Partner Program that provides turn-key solutions, empowering them to elevate client security. AttackIQ is passionate about giving back to the cybersecurity community through its free award-winning AttackIQ Academy and partnership with MITRE Engenuity’s Center for Threat-Informed Defense.
For more information visit www.attackiq.com. Follow AttackIQ on Twitter, LinkedIn, and YouTube.
View source version on businesswire.com: https://www.businesswire.com/news/home/20241203483049/en/
Add Comment