BitDam Blog

Traditional Breach And Attack Simulation Is Outdated – Here’s Why
Roy Rashti
Roy Rashti
3 minutes & 35 seconds read · September 30, 2020

Traditional Breach And Attack Simulation Is Outdated – Here’s Why

Just glancing at the headlines, it’s easy to see that phishing, fraud, and ransomware campaigns are on the rise. This has been driven by numerous factors, including the availability of “phishing kits” available for purchase on the dark web. Malicious actors are getting more sophisticated and are targeting companies of all sizes and in any industry. So how do you keep your organization safe?

 

Assessing Strengths and Weaknesses

A great place to start is with understanding your current security posture. Where are your weaknesses? What areas need to be shored up? Finding and evaluating your gaps and vulnerabilities is the first step in keeping your data, users, and network safe. Running tests – including an email security test, malware test, and phishing test – is an important way to gain insights into your vulnerabilities. 

 

Pen Testing to Find Answers

This is where pen testing (penetration testing) is often used. Generally speaking, pen testing comprises a single test that is built from artificial attack samples. 

However, this approach has a number of drawbacks. Artificial attacks just do not provide the same assurance or insights as the real thing. Your current architecture might cope just fine with artificial incursions but might fail when it comes to the real thing. 

Pen testing is therefore increasingly being replaced by Breach and Attack Simulation (BAS) tools.

 

Breach and Attack Simulation (BAS)

BAS tools provide an ongoing evaluation of your organization’s security posture. The promise of BAS was enticing: the ability to simulate real attacks that are updated based on attack trends and threat popularity. This has led to a market for BAS tools that is growing rapidly.

As great as BAS is, there remains a difficulty – one that could mean the difference between successfully thwarting a cyber attack, or falling victim to such an attack. 

BAS solutions still use artificial attacks, and thus cannot effectively tell you how your security stack will deal with a real-world, live threat. Threats are simulated based on those seen in the wild, but by definition these are still simulated, a reflection of the real attack. 

 

Preparing for the next threat

There is a dangerous time lag from when a new attack is released until it is incorporated into BAS solutions. With malicious actors constantly changing tactics – including automating threats to mutate and evade security solutions – ideally, you would want to test your system against real attacks, those seen in the wild in real-time. Knowing that your organization’s security posture can deal with yesterday’s attacks just doesn’t cut it anymore.

A key challenge is that risk is highest when a threat or a new attack technique is released for the first time, before your security solutions have come to recognize and deal with the threat. By this time, new threats will already be targeting your organization. It’s an issue of speed, and tools that can give you answers in real-time about how you’re dealing with the latest threats are critical. 

There’s an acute need for vulnerability assessment tools that use real, live threats – rather than old or simulated ones. 

 

BAS 2.0

With BAS 2.0, BitDam has launched its new generation of BAS solutions that are the answer organizations have been looking for. 

Take BitDam Lucky Meter, or BAS2.0. Lucky Meter uses the freshest in-the-wild malware and phishing threats to continuously test your email defenses, empowering you to assess your organization’s defenses against malware – in real-time. The ability to run an email security test, malware test, or phishing test using real and ongoing attacks is priceless. 

BitDam Lucky Meter sends real attacks of all types from the wild, as they materialize. This is done constantly while ensuring the testing is non-intrusive. BitDam Lucky Meter offers a continuously updated dashboard showing which threats bypassed your current security and which were blocked. Critically, it also shows the amount of time your system was exposed to each threat –  the Time To Detect or TTD – which is often a more important indicator than the miss rate or rate of detection.

In summary, we’ve moved from Pentesting to BAS, and finally to the real thing: a way to continuously assess your security against the latest attacks seen in the wild, in real-time. 

All that’s left to do is try BitDam Lucky Meter

- Video Talk -

Get into The Phisher's Mind

27 October, 10am EST

Schedule a Demo

Enter your email to get a free trial invitation