Datanet » NOUTĂȚI ȘI EVENIMENTE » Știri și noutăți » Do configuration errors affect the effectiveness of security solutions? Fix them with Breach and Attack Simulation
SOITRON GROUP
Menu
Datanet » NOUTĂȚI ȘI EVENIMENTE » Știri și noutăți » Do configuration errors affect the effectiveness of security solutions? Fix them with Breach and Attack Simulation
Do configuration errors affect the effectiveness of security solutions? Fix them with Breach and Attack Simulation

Configuration errors in security solutions are a critical problem for any company, and often traditional methods of detection and remediation are burdensome, ineffective, and require advanced skills. Cymulate’s Breach & Attack Simulation solution recommended by Datanet helps you overcome these limitations by automating the testing and simulation processes, with constant updates and actionable recommendations to solve the detected issues. Additionally, the BAS Cymulate solution is affordable, easy to use, and can be up and running in just a few hours.

 

Ransomware, Phishing, DDoS, Cryptojacking, Social Engineering, these are terms that have already entered the common language because every day we hear news about cyber-attacks, security breaches, and new types of malware discovered. However, there is also an “invisible enemy” that the media and, unfortunately, many companies frequently ignore – configuration errors in security solutions.

 

 

Admittedly, an error sounds trivial for a front-page story, but “Security Misconfiguration” is a formidable enemy, with tens of thousands of active victims, being among the top five security threats included in the OWASP Top 10 ranking benchmark for the entire cyber-security industry.

 

How common are the threat of configuration errors?

 

According to recent estimations, nearly three-quarters of companies (73%) have at least one critical configuration error in their security solutions. According to „Verizon Data Breach Investigations Report“, misconfigurations of protection solutions account for more than half (55%) of the total volume of “mistakes” committed by organizations and are responsible for 20% of security breaches.

The problem is so widespread that last year the US Information Security and Infrastructure Protection Agency (CISA) released a dedicated report (AR21-013A) in which it analyzed the impact of “Security Misconfiguration” at the US level, issuing a series of recommendations for strengthening security configurations to help organizations defend against attackers.

 

What are the causes that lead to the appearance of „Security Misconfiguration“?

 

On the one hand, it is the increasing volume of threats and attacks that organizations face, but also their rapid evolution. On the other hand, the multiple changes in the way of working. According to a Ponemon Institute study, nearly two-thirds of organizations purchased new security solutions in 2020 to meet the challenges posed by the widespread adoption of remote work. Meanwhile, the percentage has probably exceeded 90%.

The problem, however, is that many of these solutions were put into use without IT departments getting to validate the newly implemented security controls. The phenomenon affects 62% of companies, and the causes range from the high speed of adoption and the excessive number of changes that had to be made, to the lack of the necessary skills in the area of cybersecurity.

Another element that contributes to the appearance of errors is the frequent changes in the configurations of security solutions. 60% of organizations operate changes weekly, which represents more than a quarter even daily, to adapt to new emerging threats, to the evolution of business needs, to the requirements of end users, partners, customers, etc.

It is too highly frequent considering that more than half of IT departments do not feel at all comfortable with the tasks they have in the protection zone and complain that:

  • Have to manage too many security products – 59%;
  • Security applications have become too complex – 55%;
  • Updates and patches issued by security vendors generate breaches and configuration errors – 53%.

Why configuration errors are not detected?

 

Apparently, the risks are aware and most organizations (61%) claim to validate the effectiveness of the configurations used, as well as the changes made. But less than a third think the testing methods are really effective and only one in five tests weekly.

Why they don’t do it more often? The answer is not hard to guesst:

  • Most companies do not have the necessary skills internally;
  • Testing configurations of security solutions consume time and money and can affect the operation and/or performance of production equipment;
  • Usual methods – such as traditional vulnerability scanning – are ineffective, because they fail to reproduce the new technical tactics and procedures (TTPs) used by attackers.

What offers a Breach and Attack Simulation solution such as Cymulate?

 

Breach & Attack Simulation (BAS) is a relatively new category of security solutions, named by Gartner as an “Emerging Technology” in 2017. But even though it’s only been 5 years since its “official” recognition, BAS is starting to catch on to more followers because it addresses exactly the needs detailed above: it helps organizations validate the effectiveness of security configurations on an ongoing basis with automation and simulations after real attacks. Thus, a BAS solution can perform, automatically or manually, the scanning and testing of configurations and can generate and test – also automatically – a wide spectrum of attacks, on several vectors. Based on the results obtained, companies can identify both misconfigurations and gaps in their security architecture.

 

To achieve these results, Datanet recommends using Cymulate‘s Breach and Attach Simulation solution, that is the leader in the BAS application market and comes with a number of advantages that differentiates it from the rest of the competitors, such as:

  • The deployment and up and running within hours;
  • It’s simple to use – the solution is delivered from the cloud, as a subscription, and uses an agent-based scanning method that can be easily installed on both physical and virtual devices;
  • It is constantly updated with new threats and attacks and benefits from the permanent support of teams of cybersecurity professionals;
  • Automates the verification and testing processes of security solution configurations;
  • Simulates a wide spectrum of attacks and threats with out-of-the-box test scenarios;
  • Creates simulations that do not affect the safety and performance of production environments;
  • Allows advanced customization, from the interface level to the ability to create specific attack sequences;
  • Identifies gaps and evaluates test and simulation results using industry-validated best practices and frameworks (MITRE ATT&CK and NIST 800-53 REV 5);
  • Has a large coverage area: from Data Exfiltration risks and advanced attack scenarios (Fin8, APT38, Lazarus, etc.), to the validation of protection measures at the level of email, web, WAF and terminal equipment;
  • Provides detailed reports and concrete recommendations for remediation of identified problems, which include proposals for software updates and configuration changes to security policy revisions;
  • Ensures rapid return on investment by obtaining optimal performance from proprietary security solutions, as well as easy integration with other types of applications (EDR, SIEM, SOAR, etc.)

How can we help you?

 

Traditional procedures for manually testing security configurations are burdensome, require large investments – in terms of time and resources – and have low efficiency. Cymulate’s BAS solution eliminates these problems by automating the testing and simulation processes, enabling security teams to assess the level of protection of their organizations in real-time. The Cloud-as-a-Service delivery model makes Cymulate’s BAS solution accessible to all businesses, and superior customization capabilities ensure rapid adaptation to the specific needs of any organization.

Datanet Systems is a Cymulate partner and can help you exploit the advantages of the BAS solution by offering complete services, from implementation to training. For more technical or commercial information about the BAS Cymulate solution and about the services provided by the Datanet Systems team, we invite you to contact us at sales@datanets.ro.

 

About Cymulate

Cymulate was founded in 2016 in Israel, with the founding members of the company having experience in the field of Military Intelligence and IT security services for organizations. In just six years, the company has grown to a global presence, serving hundreds of companies, with an impressive track record. Cymulate’s BAS solution has been awarded “Best Breach and Attack Simulation Platform” at the Cybersecurity Excellence Awards two years in a row (2021, 2022) and is the market leader according to Frost & Sullivan analysts.

______________________

References:

https://owasp.org/Top10/A05_2021-Security_Misconfiguration/

– https://www.verizon.com/about/news/verizon-2021-data-breach-investigations-report

– https://cymulate.com/resources/ponemon-report/

– https://cymulate.com/resources/bas-the-year-2021/?SANS_award