Cymulate launches new Advanced Persistent Threat simulation

Cymulate, the most comprehensive, on-demand SaaS-based Breach and Attack Simulation (BAS) platform, launched its new Advanced Persistent Threat (APT) simulation.

The new simulation vector enables companies to simulate a full-scale APT attack on their network with a click of a button, challenging security control mechanisms through the entire cyber kill chain, from pre-exploitation (Reconnaissance, Weaponization and Delivery) into exploitation, and even post-exploitation activities such as Command and Control (C&C) communication and data exfiltration.

The APT simulation vector also tests security controls against the very latest threats circulating in the wild. According to Cymulate’s Research Laboratory, 67% of these threats pose an immediate risk to organizations. Over 200 companies worldwide across 11 different industries took part in the research, revealing energy, consulting and airline verticals as being the least prepared for immediate threats.

Simulations of high profile variants, performed since the beginning of 2019, showed that:

• 40% of organizations were at risk from the Dridex Trojan
• 26% of organizations were at risk from an Emotet variant that serves the Trickbot malware
• 38% of organizations were at risk from malware launched by the North Korean group Hidden Cobra
• 33% of organizations were at risk from the Ryuk ransomware.

Unlike rival solutions, Cymulate’s Full Kill-Chain APT simulation vector is comprehensive and highly customizable, providing a sweeping overview of potential exposures including email, web gateway, phishing, endpoint, lateral movements and data exfiltration. The platform also uses unique algorithms to predict potential future APT attacks, and proactively simulating them to offer appropriate detection and mitigation insights.

“Cymulate’s APT Simulation vector is the most thorough means to measure a company’s true security posture, which is vital when hackers are probing for security gaps and adapting to new defenses continuously,” said Eyal Wachsman, Cymulate’s co-founder and CEO. “For that reason, the Full Kill-Chain APT Simulation vector enables a full campaign of a cyber-attack kill chain to be simulated, just as it would be done by a real hacker, making this a critical tool in every security team’s arsenal.”

Cymulate’s SaaS-based platform enables organizations to automatically assess and improve their overall security posture in minutes by continuously testing defenses against variety of attack vectors and APT attack configurations. Simulations, which can be run on-demand, or scheduled to run every day, week or month, provide specific actionable insights and data on where the company is vulnerable and how to amend the security gaps.

Cymulate was founded in June 2016 by cybersecurity veterans Eyal Wachsman and Avihai Ben-Yossef, alongside Eyal Gruner, a serial entrepreneur and investor in cybersecurity startups. Cymulate is successfully active, supporting customers with its technology across all industry verticals, with customers in North America, Europe, Asia, and Australia.