Managed Breach & Attack Simulation Service (MSS-BAS)
The Managed Breach & Attack Simulation Testing Service Suite is comprised of continuous multi-vector attacks launched to validate the organization’s defenses, provide recommendations and workflow for remediation. These services fully integrate with others of the GLESEC Orchestration Suite providing a holistic solution to monitoring, testing, remediation, and mitigation. Organizations can acquire any combination of these attack vectors or the full attack-chain.
The Immediate Threat Vector is designed to evaluate your organization’s security posture as quickly as possible against the very latest cyber attacks.
The Endpoint Attack Simulation vector allows organizations to test the protection against Ransomware, Trojans, worms, and viruses on a dedicated endpoint in a controlled and safe manner. The attacks simulation ascertains if the security products are tuned properly and are actually protecting your organization’s critical assets against the latest attack methods.
The Lateral Movement Attack Vector tests the Internal Segmentation of the Network to reduce risk of internal lateral movement.
The Web Attack Simulation tests the effectiveness of protection against HTTP and HTTPS exposure to malicious or compromised web sites.
The Phishing Awareness vector is designed to evaluate the company’s employees’ security awareness. It simulates phishing campaigns and detects weak links in your organization.
The Attack Persistent Threat Simulation Vector follows the full attack kill chain to test all attack vectors and simulating a hacker's actions while testing the organization's controls.
The Email Attack Simulation tests simulation vector is designed to evaluate the client’s organization’s email security and potential exposure to a number of malicious payloads sent by email.
The Data Exfiltration vector is designed to evaluate how well your DLP solutions and controls prevent any extraction of critical information from outside the organization.
Web Application Firewall
The Web Application Firewall Attack Vector tests that your organization's WAF configuration, implementation and features are able to block payloads before they get anywhere near your web applications.
This service can be classified according to the following table:
Each of the MSS services can be mapped to one of the seven elements of the 7eCSM.
In this case the mapping is:
Take control of your cyber-security now!