Guardicore unveiled new capabilities for Infection Monkey, its free, open source breach and attack simulation (BAS) tool that maps to the MITRE ATT&CK knowledge base and tests network adherence to the Forrester Zero Trust framework.
Infection Monkey is a self-propagating testing tool that hundreds of information technology teams from across the world use to test network adherence to the zero trust framework, and find weaknesses in their on-premises and cloud-based data centers.
Over the past four years, Infection Monkey has gained significant momentum and popularity amongst the cybersecurity community. With more than 3,200 stars on Github, Infection Monkey is trusted by large enterprises, educational institutions, and more, and has garnered praise from distinguished industry analysts such as Dr. Chase Cunningham, principal analyst at Forrester.
“In cyberspace and in cyber warfare exploitation, attacks succeed because they locate and leverage the weak points in systems and networks. In order to defend from this type of attack cycle, it is necessary to continually test the system for those likely weak points. But this can be difficult, especially when dealing with large infrastructures that are bridged between cloud, non-cloud, on premises, off premises, and a wide variety of other potential configurations. Infection Monkey is one of the most well-aligned tools that fits this need. I’m a huge fan.” – from Chase Cunningham’s Cyber Warfare – Trust, Tactics, and Strategies.
Expanded MITRE ATT&CK techniques and reporting
Cybersecurity experts and enterprise DevSecOps teams continue to rely on the MITRE-developed ATT&CK framework as the foundation for network security tests and assessments.
Infection Monkey 1.9.0 now offers a total of 32 MITRE ATT&CK techniques available for testing. These new attack techniques enable cybersecurity professionals to exhaustively test their network like never before while also empowering them to easily communicate steps towards actionable remediation with all relevant stakeholders, from IT to the C-suite.
As the cybersecurity skills gap continues to widen and IT teams find themselves short-staffed, Infection Monkey 1.9.0 received several interface improvements that ensure the tool can be easily implemented – and most importantly valuable – with no additional staff or education.
Infection Monkey’s user interface has been significantly upgraded for configuration, making it easier than ever to set up a variety of different test scenarios on the network. In addition, Infection Monkey 1.9.0 now runs more stealthily to avoid interruptions in attack simulations, and improve coverage rates.
Secure by default
Guardicore is committed to ensuring that Infection Monkey offers the highest standards of quality and safety as a tool. Deployed in enterprise production data centers and cloud deployments, delivering a secure and stable tool is a top priority.
Therefore, Infection Monkey 1.9.0 now requires a secure login by default and has also been verified as secure by Synk.io, a security firm that continuously scans for vulnerabilities in software dependencies. Users can be confident that the tool is safe and secure for deployment.
“Our mission with Infection Monkey is to equip cybersecurity professionals with a valuable open source tool that helps improve their security posture against cybercriminals,” said Shay Nehmad, Team Lead and Open Source Software Developer, Guardicore. “With this new version, we have made it easier than ever to use the tool’s sophisticated features.”