Glossary
Breach and Attack Simulation
Request a Demo
Experience a live demo and learn more about RidgeBot or RidgeShield.
Breach and Attack Simulation (BAS)
Breach and attack simulation (BAS) technologies enable improved visibility into enterprise security weak spots by automating testing of threat vectors such as external and insider, lateral movement, and data exfiltration. BAS complements red teaming and penetration testing by detecting and validating a portfolio of simulated attacks from SaaS platforms, software agents and virtual machines.
BAS technology provides automated and consistent assessment of threat vectors. It evaluates the ability of an organization’s security controls to detect and block the simulated attacks, using reports that align with industry frameworks such as MITRE. BAS assessments enable organizations to locate gaps in their security posture from configuration errors or reconsider priorities of impending security investments.
Organizations with mature security programs use BAS technologies to ensure a consistent security posture over time and across multiple locations.
Ridge Security BAS support
Ridge Security’s Adversary Cyber Emulation (ACE) Botlet supports BAS. A RidgeBot® Botlet is a software agent that simulates real-world cyberattacks without causing any real harm or impact within the enterprise’s IT environment. To measure security control effectiveness, RidgeBot® ACE uses an Assessment Test Script consisting of a group of scripted behaviors that are carried out to simulate a specific cyberattack, or to validate the security controls. RidgeBot® ACE uses Block Rates to determine the ratio of blocked scripts versus all assessment scripts executed during testing. A test result with a higher Block Rate indicates better security controls.
Vulnerability assessment (VA) solutions operate across on-premises, cloud, and virtual environments to help reduce risk exposure. They discover, identify and report on operating system and software vulnerabilities for IT, cloud, IoT and OT devices.
Many organizations are implementing VA solutions to better understand, prioritize and reduce risk and exposure from threats. VA establishes a baseline of connected assets and vulnerabilities, identifying and reporting on the security configuration of assets. VA supports compliance reporting and control frameworks, risk assessment and remediation prioritization, and remediation activities.
A foundational component of the vulnerability management process, VA supports security management, proactive prevention of threats and conformity with regulations and compliance regimes. Vulnerability assessment is a key process in understanding and dealing with an organization’s attack surfaces that can be exposed to threat actors, helping to reduce risk.
Many regulations and standards, such as the Payment Card Industry Data Security Standard (PCI DSS), National Institute of Standards and Technology (NIST) and International Organization for Standardization (ISO) 27001 require organizations to perform VAs to remain in compliance.
Advancements and innovations for VA tools and services are being seen in discovery, prioritization and mitigation, tracking the vulnerability remediation progress and workflow automation to meet evolving requirements and needs. This includes areas like cloud, containers, OT and vulnerability prioritization.
Ridge Security vulnerability assessment support
As part of an integrated vulnerability assessment, Ridge Security’s RidgeBot® enables organizations to not only assess but also validate vulnerabilities discovered in their infrastructure, applications, and defenses. RidgeBot® relentlessly locates exploits across an enterprise network, document their findings, continuously measure results and effectiveness, and verify vulnerabilities.
RidgeBot® enables organizations to conduct automated pentesting from an attacker’s point of view. Before exposures are put into production, RidgeBot® finds, assesses, prioritizes, and fixes a wide set of exposures before bad actors get to them. The resulting validation allows organizations to see what would happen in the event of an attack, how their defenses would cope, and how well the processes would perform.
Learn more about: