Press Releases

New Research Shows that Breach and Attack Simulation Technology is Key for Managing Cyber Risk in a World of Growing Complexity

HERZLIYA, IsraelSept. 9, 2020 /PRNewswire/ — XM Cyber, the multi-award-winning leader in breach and attack simulation (BAS) software, was recognized by Frost & Sullivan for offering a superior solution to conventional manual testing for the reduction of cyber risk and operational costs.

Frost and Sullivan’s white paper highlights the importance of using automated tools like BAS in identifying security gaps. In Automated Breach and Attack Simulation: The Cost & Risk Reduction Revolution is Here, Frost & Sullivan’s Global Cybersecurity Program Leader Jarad Carleton writes, “Leveraging advanced automated BAS technology is a best practice that more enterprises with a large number of endpoints need to embrace. It will unquestionably enable organizations to raise the bar on security hygiene while simultaneously allowing IT departments to become more efficient.”

A Critical Period for Cybersecurity

In 2019, there were roughly 2.3 billion endpoints globally, according to Carleton. With the COVID-19 pandemic forcing millions of workers to telecommute, the job of maintaining endpoint security has become much more complex, as workers use their devices outside of the office and away from IT oversight and assistance.

Carleton notes that today’s organizations must deal with vulnerabilities arising from unpatched software, system misconfigurations, weak or compromised credentials, exploited trust relationships, poor encryption standards, or zero-day exploits. In addition to commonly known vulnerabilities, continuous changes in the user environment can lead to misconfigurations that are at the root of many security vulnerabilities.

Given these conditions, it’s imperative that enterprises have the right tools in place to maintain strong security. One of the best ways to ensure that unauthorized endpoint access or another common vulnerability does not lead to a costly data breach is the deployment of BAS technology offering continuous monitoring and real-time vulnerability analysis.

Benefits Over Conventional Security Testing

While breach and attack technology is similar in many ways to traditional penetration testing or red team exercises, it offers a few key differentiators. Manual testing is resource-intensive and expensive, which means that it is typically staged once or twice annually. This means that enterprises have little visibility into the state of their security in between testing periods. In addition to manual testing being expensive, it is often disruptive to business processes.

Breach and attack software solves this problem through automation. Instead of paying for a security team of variable skill and experience to conduct episodic tests and waiting weeks or months for results, enterprises get the benefit of 24/7 testing — the key to maintaining deep visibility into evolving vulnerabilities. In an era where dynamic cloud environments introduce a steady stream of changes, continuous monitoring is invaluable.

Additionally, while manual penetration tests can sometimes cause unanticipated collateral damage to live networks, BAS software can be safely run with no impact to production.

The XM Cyber Solution

Founded by three senior executives from the Israeli intelligence community, XM Cyber offers a cloud-based, automated BAS platform that offers protection in hybrid environments. XM Cyber technology mimics cyberattacks to identify vulnerabilities and offers prioritized remediation.

“XM Cyber’s platform mimics a real cyber adversary and conducts reconnaissance in the network and, eventually, inside secure zones,” Carleton writes. “At the end of the simulation, the enterprise can view the number of critical assets compromised and track each attack vector and its path to the defined critical assets. The enterprise security team is then able to investigate each step leading to the simulated breach and determine whether one or more choke points can be addressed to protect secure zones.”

Frost & Sullivan’s Verdict

The solution, according to Carleton, is the adoption of tools such as those offered by XM Cyber.

“Automated BAS tools such as XM Cyber change this equation and enable organizations to continuously monitor their IT environment for vulnerabilities in a safe, scalable, and cost-effective manner as the network changes. Since minimal input is required from security analysts, IT teams can focus their efforts on other critical tasks. Frost & Sullivan believes that leveraging advanced automated BAS technology is a best practice that more enterprises with a large number of endpoints need to embrace. It will unquestionably enable organizations to raise the bar on security hygiene while simultaneously allowing IT departments to become more efficient.”

To download the white paper, please click here.

About XM Cyber

XM Cyber brings innovation to the security industry with patented products that address the unique gaps that arise in large, complex networks. By safely and continuously simulating attacks on premise and in the cloud, XM Cyber exposes real-life security issues that arise from vulnerabilities, human error and misconfigurations. Remediation recommendations are prioritized based on criticality and relation to the customer’s most critical assets. The customer achieves a continual cycle of security posture improvement, optimizing security investments and human resources, and lowering exposure and risk. XM Cyber was founded by top executives from the Israeli cyber intelligence community and has offices in the US, UK, and Israel.

For more information:

Social Networks: Follow us on Twitter | LinkedIn | YouTube

Fusion PR (for XM Cyber)
Brian Janson
E: [email protected]
T: +1(646)-452-7111


Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.