Security validation

Validate your ability to detect advanced threatsCreate an attack campaign to measure the effectiveness and operational readiness of your cyber strategy. Test against various sets of attack paths and go beyond pentesting.
- Identify offensive behaviors not detected by existing tools to know blind spots in your defense
- Measure the speed of detection by defense tools
- Map the most and least used detection tools
﻿
Easily create a campaign and run your attack simulation in a few minutes:
﻿
1) Choose a scenario from Threat Library > ScenariosThe scenario serves as a template for generating the sequential list of events used in the campaign. Please be aware that the number of events executed in a campaign is determined by the number of Target Systems defined in the campaign perimeter. Each system event will be executed for each Target System.
﻿
2) Fill in the campaign description detailsThe name and description are filled in with information from the selected scenario but you can change them.
Add the target type. This data is only used for the generation of graphs and KPIs.
Select the Attack Vector used to execute the events.
﻿
This sketch cannot currently be displayed in exports
﻿
3) Define the scope of your campaignDepending on the scenario selected, you will need to enter the IP addresses targeted by the simulations at network level (e.g. scans) and/or the Target Systems involved by the simulations at OS level.
Network scope: a list of IPv4 addresses or ranges in CIDR format (e.g. 192.168.1.0/24). Use a space to separate each item.
System scope: select from your list of previous targets configured or create a new one.
A default connection test checks if the remote access method (like SSH, WMI) is enabled and if flows are open between the Attack Vector and the Target System. Access to the next step is authorized only if tests are validated (see  FAQ ).
﻿
This sketch cannot currently be displayed in exports
﻿
Access to the 3rd step is authorized because test is validatedAccess to the 3rd step is authorized because test is validated
﻿
4) Define the execution conditions of the campaignSimulation start: immediate execution (run now) or scheduled for a later launch
Events launch: in automatic mode events follow one another without user intervention (with an optional delay between each event) while in manual mode you have to start each event from the app.
﻿
This sketch cannot currently be displayed in exports
﻿
Hint: If you choose an automatic execution of events, we recommend setting a delay between them to facilitate the analysis of detection behaviors.
﻿
A summary of the campaign details is shown. If all is good, click on Start or Plan to check it.
﻿
Add a caption...
﻿
5) Provide detection information for executed eventsAdjust the detection status and enrich it with detection source, date & time, and evidence.
﻿
This sketch cannot currently be displayed in exports
﻿
This sketch cannot currently be displayed in exports
﻿
This sketch cannot currently be displayed in exports
﻿
6) Results allows you to measure the effectiveness of your defensesScores, graphs, and KPIs are updated in real-time based on the provided data.
﻿
Add a caption...
﻿