Content, Channel partners, Security Program Controls/Technologies, Threat Intelligence, Threat Management

AttackIQ Expands Security Testing with SMB-Centric Solutions

AttackIQ, a breach and attack simulation developer, said it is expanding its customer reach and rounding out its portfolio with new software-as-a-service products to appeal to smaller businesses and testing neophytes.

The customer expansion marks the second time in two months that AttackIQ has moved to gain more clients, the company announced. In early June, AttackIQ received U.S. General Services Administration (GSA) approval for its Security Optimization Platform to sell to government agencies to help find gaps in their security coverage.

What's New from AttackIQ

AttackIQ has introduced AttackIQ Flex and AttackIQ Ready! to go along with its Attack IQ Enterprise offering. The company’s expanded portfolio aims to debunk the notion that adversary emulation and automated testing is confined to mature organizations. That perception, AttackIQ said, has served to leave smaller organizations untested, when nearly half of cyberattacks are against small-to medium sized businesses (SMBs).

With its fleshed-out portfolio, testing is now available for everyone, the company said.

AttackIQ Flex is an on-demand, pay-as-you-go, agentless test-as-a-service solution. Its features include:

  • A simplified user experience provides detailed security performance metrics and mitigations. Organizations can conduct granular security validation without recurring fees or complex deployments.
  • Anyone within the organization can use the solution, expanding test-as-a-service outside of traditional security organizations.

Explaining the merits of AttackIQ Flex, AttackIQ CEO Brett Galloway said:

"We have removed the need for long-term licenses to ensure that security validation is within reach for everyone, regardless of their background or industry. You can pay as you go to initiate, run, or expand your testing program to meet your unique demands, whether you are a first-time tester, are testing across new divisions in your business, running a merger and acquisition process, or on-boarding a new military alliance network.”

AttackIQ's Breach and Attack Simulation Service

Another addition is AttackIQ Ready!, a newly launched and fully managed breach and attack simulation (BAS) service. Its features include:

  • An automated security control validation platform to SMBs.
  • A deep library of MITRE ATT&CK-aligned adversary emulations to generate actionable reports and clear remediation recommendations on a weekly and monthly basis.
  • Attack graphs and Cybersecurity and Infrastructure Security Agency (CISA) alert content from the AttackIQ Adversary Research Team.

AttackIQ Enterprise, a co-managed service for large enterprises, retains its position as the company’s flagship SaaS offering for mature security organizations while also completing AttackIQ’s new managed service product line, the company said.

Customers manage the full AttackIQ SaaS platform and have access to the entire testing library at any time.

Commenting on the expanded product line, Carl Wright, AttackIQ chief commercial officer, said:

“With AttackIQ Ready! and AttackIQ Flex, we are democratizing cybersecurity testing by extending our expertise and solutions to the entire market and giving organizations the chance to expand their testing capabilities whenever they need.”

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.