SnapAttack launched Community Edition, a free of charge, open platform that gives threat intel analysts, red teams, detection engineers and threat hunters an operational platform to accelerate the maturity of security operations.
Additionally, in support of the mission of improving the world’s security, SnapAttack is releasing immediately actionable content corresponding to the latest threats from Russia, including HermeticWiper, IsaacWiper, HermeticRansom and WhisperGate. This content is available within the Community Edition and includes four attack sessions showing the actual real-world killchain along with nine detection analytics designed to pinpoint this specific adversary tradecraft within users’ environments.
Community Edition members will have access to the full-featured, core components of the SnapAttack platform, allowing them to share actionable threat intelligence data and create vendor-agnostic detection analytics. Community members that have been vetted and approved by SnapAttack will be given content authorship privileges, allowing them to develop and disseminate actionable content to all community users.
The new feature also includes access to open source content from popular community tools, such as Atomic Red Team and Sigma, and will continue to expand over time. The Community Edition is a permanent platform feature that will be forever free as part of our commitment and core mission to help improve security writ large.
“We can’t overstate the power the Community has to accelerate SecOps maturity across all organizations,” said Peter Prizio, Chief Executive Officer at SnapAttack. “With our Community strategy, our customers will gain the benefit of thousands of security researchers and content engineers, crowdsourcing the hard work of keeping up with the latest threats—including state-sponsored attacks stemming from current and future geopolitical conflicts. We believe that hope is not a strategy and that threat detection analytics must be proven to be reliable. That’s why our team of researchers and curators will work to ensure all community-published content meets our stringent requirements on quality, accuracy and precision.”
Threats from cybercriminals and nation-state actors continue to escalate. Yet intel analysts, threat hunters and Security Operations Centers (SOCs) struggle to keep up with the latest threats because the volume is too high and the resources for those who build detections are too scarce. Community users will have the ability to engage with over 700 pieces of curated threat intel, 400 attack sessions simulating real-world attacks like ransomware, and over 2,200 proven detection analytics that can be directly deployed to other security tools in Community users’ environments. In addition, users will be able to access:
- SnapAttack’s proprietary attack session capture tool, enabling security testers to create attack session snapshots which enable our no-code detection engineering platform.
- Base content pack of Russia/Ukraine adversary tradecraft. New tactics, techniques and procedures (TTPs) and malware variants will be added as they are identified.
- Opportunities to take security to the next level through subscription packages that provide additional features such as deeper tool integrations, advanced reporting and exclusive subscription-only content on the latest threats.
“I am a strong believer that the cybersecurity community must collaborate, share intelligence, and work together in order to withstand the barrage of threats industry and government face on a daily basis,” said Fred Frey, Chief Technology Officer at SnapAttack.
“Our Community Edition is the best platform to enable that collaboration, across businesses, sectors, SIEM and EDR vendors, and between cyber threat intelligence (CTI), red and blue teams. SnapAttack reduces the burden on all companies who each individually invest in curating intelligence and developing detection content—the world would be a safer place if we didn’t all duplicate each other’s efforts.”