The Red Report 2024: The Top 10 Most Prevalent MITRE ATT&CK Techniques
Picus Labs | November 09, 2022
San Francisco, US, 9th November 2022 – Picus Security, the pioneer of Breach and Attack Simulation (BAS), today announced the availability of its next-generation security validation technology. The new Picus Complete Security Validation Platform levels up the company’s attack simulation capabilities to remove barriers of entry for security teams. It enables any size organization to automatically validate the performance of security controls, discover high-risk attack paths to critical assets and optimize SOC effectiveness.
“Picus helped create the attack simulation market, and now we’re taking it to the next level,” said H. Alper Memiş, Picus Security CEO and Co-Founder. “By pushing the boundaries of automated security validation and making it simpler to perform, our new platform enables organizations even without large in-house security teams to identify and address security gaps continuously.”
The all-new-and-improved Picus platform extends Picus’s capabilities beyond security control validation to provide a more holistic view of security risks inside and outside corporate networks. It consists of three individually licensable products:
Security Control Validation - simulates ransomware and other real-world cyber threats to help measure and optimize the effectiveness of security controls to prevent and detect attacks.
Attack Path Validation - assesses an organization’s security posture from an ‘assume breach’ perspective by performing lateral movement and other evasive actions to identify high-risk attack paths to critical systems and users.
Detection Rule Validation - analyzes the health and performance of SIEM detection rules to ensure that SOC teams are reliably alerted to threats and can eliminate false positives.
A global cybersecurity workforce gap of 3.4 million professionals∗ means automated security validation is now essential to reduce manual workloads and help security teams respond to threats sooner. Recently, the US’s Cybersecurity and Infrastructure Security Agency (CISA) and UK’s National Cyber Security Centre (NCSC) published a joint advisory recommending organizations test their defenses continually and at scale against the latest techniques used by attackers.
“Insights from point-in-time testing are quickly outdated and do not give security teams a complete view of their security posture,” said Volkan Erturk, Picus Security CTO and Co-Founder. “With the Picus platform, security teams benefit from actionable insights to optimize security effectiveness whenever new threats arise, not once a quarter. With our new capabilities, these insights are now deeper and cover even more aspects of organizations’ controls and critical infrastructure.”
On 15th November 2022, Picus Security is hosting Picus reLoaded, a free virtual event for security professionals that want to learn more about its platform and how to leverage automated security validation. Register to attend and hear from thought leaders from Gartner, Frost & Sullivan, Mastercard, and more.
H. Alper Memiş has also published a blog to announce the release to Picus customers.
Picus has offices in North America, Europe and APAC and is supported by a global network of channel and alliance partners.
Picus has been named a ‘Cool Vendor’ by Gartner and is cited by Frost & Sullivan as one of the most innovative players in the BAS market.
For more information, visit www.picussecurity.com
∗The (ISC)² Cybersecurity Workforce Study 2022