AttackIQ tests networks for known weaknesses attackers exploit
The platform, called FireDrill, consists of an agent that is deployed on representative endpoints, and a server that stores attack scenarios and gathers data.
The platform’s function is similar to that of another startup SafeBreach. Both companies differ from penetration testing in that they continuously test networks whereas a pen test gives a snapshot in time with large gaps between each snapshot.
With FireDrill an attack scenario might test whether a company’s data-loss-prevention platform is working as it should. The scenario might have an endpoint access a document, download it and upload it to Dropbox. If the scenario succeeds, FireDrill reports a failure of the DLP; if it is blocked, the test registers as a pass.
The agents run in the background and don’t affect the performance of the machines on which they are running, says Stephan Chenette, the company’s CEO and co-founder.
FireDrill comes with preset scenarios but customers can build their own using a Python software developer’s kit. The company is building communities of interest in which like-minded customers can share the custom scenarios they write, he says. The company updates scenarios as researchers come up with new attack vectors to check out.
Its platform is available either as a cloud service or an on-premises deployment. The SaaS option is hosted in the Amazon Web Services cloud.
The company was founded two and a half years ago by Chenette and Rajesh Sharma who worked together for six years at Websense, which was bought by Raytheon and is now rolled up into Forcepoint.
Based in San Diego, the company has 12 employees but plans to expand to 50 or so by the end of the year, Chenette says.
FireDrill costs $150 per agent per month. FireDrill is available for two-week free trials with unlimited agents.