SANS Fortify Your Defenses with On-Demand Simulated Attacks
White Papers
The Keysight team has built a SaaS breach and attack simulation (BAS) platform called Threat Simulator, which is one service available as part of its larger Security Operations Suite. Threat Simulator can automate a wide variety of attacks against controls, services, and infrastructure both on-premises and in the cloud, with minimal setup because the service itself is hosted in a cloud environment. Threat Simulator helps organizations test security tools against 20,000+ tactics, techniques, and procedures (TTPs), including MITRE ATT&CK®, and measure network, email, and endpoint security posture at the same time.
The Keysight team set up a comprehensive review environment for us within Amazon Web Services(AWS). This environment included a number of enterprise components and controls for testing:
- Next-generation firewalls (NGFWs)
- Endpoint detection and response (EDR) controls
- Web application firewalls (WAFs)
- Splunk security information and event management (SIEM) system
- Amazon Elastic Compute Cloud (EC2) workloads