Market Overview

Spirent Extends CyberFlood with Data Breach Emulation for Holistic and Hyper-Realistic Security Testing of Networks and Devices

Share:

First Technology to Fully Assess Data Breach Readiness and Provide
Automated Purple Team Testing

BLACK HAT USA 2018Spirent
Communications
plc (LSE:SPT), the trusted provider of test,
measurement, assurance and analytics solutions for next-generation
devices and networks, today announced the availability of the first
solution using data breach emulation technology to provide holistic and
hyper-realistic security testing of networks and devices for awareness
of data breach and intruder activity. This new solution, CyberFlood Data
Breach Assessment, is a component of Spirent's CyberFlood
product line, extending it into production environments for continuous
testing of live networks and devices.

As an holistic automated solution within the live network, CyberFlood
Data Breach Assessment provides active monitoring and ongoing
evaluations such as Purple Team assessments. Unlike testing solutions
that simulate attacks, CyberFlood Data Breach Assessment uses actual
attack components, true hacker activity and malware executables to
assess an organization's vulnerability to cybercrime. A study
from the Center for Strategic and International Studies estimates that
cybercrime costs the global economy $600 billion.

"With the ever-increasing stakes and mounting costs and penalties for a
data breach, organizations must continually assess their abilities to
detect an active attacker," said David DeSanto, director, products and
threat research, Spirent Communications. "Unlike existing solutions,
which do not use the real methods and techniques used by real attackers,
CyberFlood Data Breach Assessment uses unique data breach emulation
technology to provide hyper-realistic scenarios and assessments using
the actual methodologies intruders follow. This breakthrough solution
gives organizations the ability to innocuously assess their production
defenses and fortify weaknesses before they are compromised by work of
an attacker."

Emulation – A Giant Leap beyond Simulation

CyberFlood Data Breach Assessment utilizes real traffic and activities
that are indistinguishable from live efforts by cybercriminals and other
malicious actors, rather than relying on replayed traffic and network
activities that seem real. Security infrastructures often discount
simulated, unreal artifacts, treating them as phony, non-malicious
traffic, and simply pass them through or block them as invalid network
streams. Such traffic cannot adequately test an organization's defenses
against cybercrime.

In contrast, Spirent has accumulated an enormous repository of real
attack components, including exploits, applications, and malware. This
repository, powered by Spirent TestCloud, is a combination of the
research of Spirent's threat research team, Spirent SecurityLabs, and
Spirent's partnerships within the threat intelligence community. The
result puts Spirent at the forefront of the fight against cybercrime,
with knowledge of the newest threats and with the broadest range of
experience defending against older ones.

Multi-Tier Protection Validation

In addition to using real traffic and activities, CyberFlood Data Breach
Assessment provides holistic, real-world assessments and validation
because it is not limited to certain portions of a network. Attackers
will choose the weakest link in an environment and move laterally to
reach valuable resources, such as customer and financial data,
intellectual property, and other company secrets.

To assess security accurately requires consideration of an
organization's entire environment. CyberFlood Data Breach Assessment can
begin an attack or intrusion activity in any part of the environment and
can pivot across multiple internal network segments. It can be deployed
with physical or virtual sensors across an entire organization,
including corporate and regional networks, data centers, and private and
public cloud resources. It also assesses all security and networking
devices involved in routing or securing traffic or detecting malicious
activity.

Automated Purple Team Assessments

The Purple Team security practice is rapidly becoming both a standard
and a necessity for organizations to evaluate data breaches and attack
readiness. A Purple Team assessment combines an attacking Red Team with
a detecting Blue Team. The CyberFlood Data Breach Assessment solution
combines Red and Blue Teams into a fully automated Purple Team
capability that can be run continuously in live, production
environments. Results are displayed on a dashboard and in automatically
generated reports. In addition, the system can send warning messages to
the security team or initiate trouble tickets to address issues and
unexpected discoveries.

"Assessing data breach readiness has been expensive, time-consuming and
difficult, and plagued with gaps and deficiencies," said Jon Oltsik,
senior principal analyst, Enterprise Strategy Group. "Having the ability
to use actual intruder activity on an ongoing basis to assess how live
monitoring systems will perform is essential to knowing whether an
organization can find an intruder before disaster strikes."

Spirent will demonstrate CyberFlood and its new data breach emulation
capabilities in Booth 1128 at the Black
Hat USA 2018
conference in Las Vegas, August 8-9 at the Mandalay Bay
Convention Center.

About Spirent

Spirent Communications plc. (LSE: SPT) offers test, measurement,
analytics and assurance solutions for next-generation devices and
networks. The company provides products, services and information for
high-speed Ethernet, positioning and mobile network infrastructure
markets, with expanding focus on service assurance, cybersecurity and
5G. Spirent is accelerating the transition of connected devices, network
equipment and applications from development labs to the operational
network, as it continues to innovate toward fully-automated testing and
autonomous service assurance solutions.

For more information, please visit www.spirent.com
and follow us on LinkedIn,
Twitter
and Facebook.

View Comments and Join the Discussion!