Cymulate delivers threat-informed defense for cloud infrastructure

Cymulate announced innovations designed to deliver threat-informed defense through comprehensive exposure management and security validation for cloud infrastructure.

The Cymulate Exposure Management and Security Validation platform now includes new and expanded cloud-focused attack simulation templates and resources to cover all major public cloud providers – AWS, Azure, and GCP.

Attacks on containers are on a sharp rise, underscoring the need to better secure Kubernetes environments and validate the efficacy of security controls.

According to a recent study, over half of organizations have experienced software supply chain issues related to cloud-native and containerized development in the past 12 months.

“In similar ways to how on-premises exposure management has evolved, cloud security posture management (CSPM) is maturing beyond understanding misconfigurations and attack paths to include capabilities for security control validation, breach feasibility assessment, and business risk context to effectively prioritize remediations,” said Avihai Ben-Yossef, CTO at Cymulate. “The Cymulate expansion of cloud and Kubernetes scenarios builds on existing cloud and traditional security validation features in the Cymulate platform to manage cloud exposures as part of an exposure management program.”

With more than 500 customers worldwide, Cymulate provides the security validation critical to managing the security posture for cloud infrastructure as well as traditional IT. The Cymulate platform provides a comprehensive and scalable solution for security leaders, regardless of their security posture maturity, to drive their continuous threat exposure management (CTEM) program and support both the technical and business requirements of scoping, discovery, prioritization, validation, and mobilization.

CTEM alignment

• Scoping: Scope exposure management for cloud deployments by adding business context to cloud resources and business impact related to cloud availability, sensitive data in cloud storage, business processes supported by cloud, etc.
• Discovery: The full cloud environment and understand its cybersecurity posture by mapping attack surface, identify assets & identify misconfigurations across clouds, ground to cloud, and cloud to ground.
• Validation: Validate cloud controls, policies, and defensive capabilities to detect and respond to attackers (who gain access to cloud environments).
• Prioritization: Prioritize mitigations (such as updated cloud policies, control policies, new controls) with context of business impact, compensating controls, and breach feasibility.
• Mobilization: Mobilize action and cloud remediations across teams with remediation guidance for correcting cloud misconfigurations or implementing new policies or new controls. Measure cyber security posture and baseline exposure risk for both cloud deployments and cloud as part of the collective IT infrastructure.

Cymulate cloud exposure management offerings and capabilities

Cymulate ASM: Discovers cloud assets across AWS, Azure, and GCP to inventory VMs, storage objects across AWS, Azure and GCP, VPCs (Virtual Private Clouds), entitlements, Kubernetes containers, and more. Identifies misconfigurations for both internal (authenticated) & external (un-authenticated) assets and deployments. Unified attack path mapping creates a visual roadmap and analysis across multi-cloud, on-prem, and hybrid environments.

Cymulate BAS: Validates core controls for cloud assets vs. malicious behaviors, including those specific to cloud threats. Immediate threats module validates control detection of emergent threat activity against cloud assets.

Cymulate BAS advanced scenarios: Validates configuration best practices for cloud and Kubernetes policy configuration. Validates cloud controls vs malicious activity targeted at user access, secrets management, data exfiltration, ransomware, container discovery, and much more. Provides an open framework to create, store, modify, and execute both simple and sophisticated assessments using custom or out-of-the-box resources.

Cymulate CART: Validates potential propagation within the cloud and from cloud to on-prem and back with automated network penetration testing.

Cymulate exposure analytics: Ingests, aggregates, and correlates data from Cymulate ASM, BAS and CART as well as cloud infrastructure and other third-party systems. The solution brings business context to cybersecurity programs to create a common language for managing risk. By building contextualized risk profiles, exposure analytics prioritizes remediation and provides mitigation guidance for validated security gaps – across cloud, on-prem and hybrid. Measures and baselines security resilience for cloud deployments. Maps controls and security findings to control frameworks – including MITRE ATT&CK Cloud Matrix.