AttackIQ, whose platform validates enterprise security, and The Chertoff Group, a security and risk management consultant, will together deliver a new security service to help organizations measure risk, train staff and justify investments.
The service, which is called Att&ck Diagnostic, is built on the Mitre Att&ck framework that maps threat actors to tactics, techniques and procedures (TTP). It combines the strengths of the partners -- Chertoff’s risk management specialty and AttackIQ’s automated testing platform -- to help enterprise customers build and sustain strategic, risk-based security programs focused on proven effectiveness.
The foundation of the collaboration? Adversaries can readily change hash values, IP addresses, domains and other indicators but it is much harder for them to change overall tactics and techniques. Smoke out the TTPs and you have a better roadmap to defend yourself.
“We are excited to formally announce this partnership with AttackIQ because it helps clients attain an unmatched level of visibility into actual security performance,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group and former Secretary of Homeland Security. “Our expertise combined with MITRE’s Att&ck framework and AttackIQ’s technical prowess will give our clients unique insight into how effectively their defensive capabilities actually address risk, enrich training for security staff and offer real business case justification for security investments,” Chertoff said.
Here’s how it works: The Att&ck Diagnostic service measures the effectiveness of an organization’s defensive countermeasures by creating a risk-based threat model that:
- Maps current defenses to TTPs in the threat model.
- Identifies what technologies and standards are addressing what TTPs.
- Identifies holes in coverage.
- The TTP-coverage map enables customers to prioritize future defensive countermeasure investments based on actual risk reduction.
Here’s what customers get:
- Hands-on support to familiarize the technical team in conducting threat-specific planning and controls assurance testing.
- Coaching on how to make specific business cases for security tools or personnel investments that align with their organization’s specific security needs.
- Technical teams receive in-depth training to empower organizations to leverage the AttackIQ platform and the Att&ck Diagnostic TTP map to continuously evaluate countermeasure performance and make strategic, threat-informed decisions to further mature the program.
“We are excited to formally announce this partnership with AttackIQ because it helps clients attain an unmatched level of visibility into actual security performance,” said Michael Chertoff, executive chairman and co-founder of The Chertoff Group and former Secretary of Homeland Security. “Our expertise combined with MITRE’s Att&ck framework and AttackIQ’s technical prowess will give our clients unique insight into how effectively their defensive capabilities actually address risk, enrich training for security staff and offer real business case justification for security investments," he said.
Brett Galloway, AttackIQ CEO, pointed to a Ponemon study that concluded U.S.-based enterprises spend nearly $20 million annually on cybersecurity tools and technology. More than half don't know if the tools are even working, he said. “The AttackIQ platform is designed to address this very problem. We have worked with The Chertoff Group for over a year in developing the Att&ck Diagnostic, and have used the approach as a proof of concept with multiple customers, receiving overwhelmingly strong, positive feedback,” he said.
AttackIQ recently landed $17.6 million in a Series B financing round led by venture capital firm Khosla Ventures. The financing brings to $35 million AttackIQ’s total funding.