Enterprise threat simulation is more important than ever before. Why? We call it “cyber security infrastructure validation.”

AISN’s unique platform enables you to measure your cyber security ROI, giving you deep insight into just how well your investments in cyber security products, policies and people are protecting and defending your enterprise.

Did you know that $46 billion was spent in 2013 on cyber security and yet most U.S. companies are unsure if their investment has paid off?

While most cyber security infrastructure assessment tools look only at the external attack surface of a network, AISN’s platform brings continuous assessment inside the network.

AISN Enterprise Threat Simulation is a cloud-based (SaaS) platform that generates non-malicious activity to imitate attacks on your network, assess your Cyber Readiness and facilitate realistic training scenarios. It allows you to quantify your human resources and technology expenditures so that you can understand your cyber security ROI.

Use Enterprise Threat Simulation To…

  • Test your incident threat response
  • Identify network blind spots
  • Build a better incident response program
  • …and Improve Cyber Security ROI
  • Train incident responders
  • Reduce incident response times
  • Reduce costs

How Does Enterprise Threat Simulation Work?

Exercises

Configured to run as a suite, combinations of threat simulations can be triggered to run on-demand, on a schedule, or continuously. Typically, specific simulations are chosen by a security team or selected from a group of pre-programmed generic/industry-specific exercises. The platform continuously updates generic and industry-specific exercises based on observed behaviors in order to reduce a security team’s response time to new threats.

Dashboard

The dashboard is the platform nerve center for monitoring assessments, digging into problems, and changing configurations. It enables quick viewing of security block status, an historical summary that facilitates exception monitoring, and email alerts in exceptional conditions such as an overdue assessment or a regression in assessment results.

Capabilities

  • Continuous network attack simulation
  • On-Demand network attack simulation
  • Detailed reports and analysis of simulations
  • Bot beaconing to command and control servers
  • Multiple language communications over the network to emulate foreign language command and control
  • Sending simulated samples of sensitive data such as credit card numbers, social security numbers, and medical records out of protected networks
  • Lateral scans which simulate attackers pivoting throughout compromised networks
  • Egress scans which simulate attackers finding available outbound ports to send their traffic
  • Sending suspicious executables through networks to end points
  • Outbound connections to domains which are associated with malicious behavior
  • MD5 and SHA1 hashes of all files that traverse the network for correlation with monitoring and forensics

Testing Targets

  • Data Loss Prevention (Host-based and network)
  • Domain Name System
  • Full Packet Capture Appliances
  • Incident Response Tools
  • Intrusion Detection Systems
  • Intrusion Prevention Systems
  • Network Firewalls
  • Network-based Sandbox Technology
  • Web Proxies
  • Security Event and Information Managers
  • Antivirus

Recommended for Highly Regulated Sectors

  • Health care
  • Pharmaceuticals/ biotech
  • Financial services
  • Government
  • Education
  • Energy
  • Technology
  • Manufacturing