See Why Continuous Automated Red Teaming (CART) Is The Future Of Security Testing

In today's rapidly changing environment, threat actors are using an arsenal of new and sophisticated techniques that make attacks unrecognizable. With a plethora of products and a rapidly shifting landscape of threat and risk, cybersecurity remains elusive or possible as impossible as the "happiness problem". 

While the adversaries only have to succeed once, the organizations as defenders need to succeed every time. Security is also laborious, organizations can test some assets sometimes, while hackers are attacking all the assets at all of the time. 

The emergence of the new technology called Continuous Automated Red Teaming, or CART, can be a gamechanger in solving this problem.

Red Teaming: A Realistic Attack Emulation That's Hard To Scale

By definition, red teaming is a goal-based ethical hacking technique. It was first used by the US military to map war tactics. But in the current world, it is used on a much broader and larger scale than conventional security testing. It lets the security teams first discover an organization’s attack surface and then launch simulated attacks to test blind spots – this is very similar to a real hack. Unlike penetration testing, it is not based on the scope of IPs/applications but instead objective- or goal-based, meaning you can attack whatever you want to achieve the goal.

Traditional red teaming is done at a point in time and is usually a lengthy process that takes a lot of time. And it involves multiple tools, manual effort and only tests a fraction of an organization’s assets, occasionally. It is largely manual, hard to scale, and unaffordable for most organizations.

CART: Emerging Tech for Comprehensive and Continuous Attack Surface Discovery and Testing

CART is an emerging security technology designed to automate red teaming so that one can achieve the breadth and depth of the process as well as scale it and seamlessly conduct it on a continuous basis. There are multiple potential approaches including hardware, software, or even Software-as-a-Service (SaaS).

At FireCompass, we developed a SaaS-based approach that uniquely combines Attack Surface Management (ASM), Shadow IT Discovery, and the simulation of various types of attack playbooks, including ransomware attacks, network and application attacks, social engineering, and more. The platform uses an outside-in approach by working with zero knowledge and without the need for any hardware or software to find risks on the digital attack surface of an organization.

During the CART process, an organization can search already indexed deep, dark, and surface web data using similar reconnaissance techniques as nation-state actors. It automatically discovers an organization’s dynamic digital attack surface, including unknown exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets, and open ports, etc. Once an attack surface is recognized and the scope for the simulated attack is authorized, the attack engine launches multi-stage attacks on the discovered surface to identify security blind spots and attack paths before hackers do. The platform then prioritizes the risks and recommends the next steps for mitigation.

CART vs. Traditional Solutions

Traditional red teaming is typically conducted once or twice a year. It is consultant-driven and requires manual orchestration between multiple tools. CART automates the process and makes red teaming continuous.

Penetration testing is conducted on a few, known applications or systems. CART, unlike penetration testing, discovers the attack surface on its own without any inputs and launches a combination of multi-stage attacks, spanning from networks to applications to humans.

Breach and Attack Simulation (BAS) tools typically need hardware or software agents to be installed and work inside of an organization. The tools mimic real threat actions and tell how much an attacker can proliferate if it gains access to an internal system. CART on the other hand works using an outside-in approach and conducts real attacks without the need for any hardware, software, or integration.

While today’s hackers operate with a level of sophistication that surpasses typical preventative and detection capabilities, CART can be a game-changing approach to stay one step ahead. You must test your own controls to identify potential blind spots before an attacker exploits them.

Authored by Bikash Barai, Co-Founder, FireCompass

Interesting Blogs:

Views: 179

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

Forum

Security Trends and Emerging Technologies That A CISO Should Adopt In 2021

Started by Priyanka Aash Mar 3. 0 Replies

What are the challenges you as a CISO have been facing since the last year and share some security trends that are catching up? Help the community by sharing your knowledge and personal views on this subject. Or if you have any specific questions…Continue

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */