Channel partners, Content, Security Program Controls/Technologies

XM Cyber Delivers Open-Source Pentesting Tool for Microsoft Azure


XM Cyber, an Israeli hybrid cloud security company, now provides the XMGoat open-source penetration testing tool for Microsoft Azure environments. The tool could be particularly useful for MSPs and MSSPs that are exploring potential cloud security posture management (CSPM) services, MSSP Alert believes.

The background: Roughly 40 percent of our Top 250 MSSP survey participants for 2021 said they offer CSPM to their end customers. The goal: Find and mitigate public cloud misconfigurations before hackers exploit the erroneous settings. On a similar note, XMGoat teaches pentesters, red teamers, security consultants and cloud experts how to abuse misconfigurations within Azure environments, XM Cyber stated. That way, the tool illustrates common Azure misconfigurations and the security issues associated with them.

XMGoat contains terraform templates, aka "scenarios," that contain multiple Azure environments, according to XM Cyber. It lets users automatically deploy scenarios in misconfigured Azure environments that are vulnerable to cyberattacks and data breaches.

An XMGoat scenario starts with a breach point in which a cybercriminal has gained access to an Azure environment, XM Cyber stated. A user is responsible for finding the attack path to a critical asset and compromising it.

XM Cyber offers three XMGoat scenarios:

  1. Compromise-Sensitive Storage Account Container: A cybercriminal can view sensitive blobs (large collections of unstructured data) from a user's storage account.
  2. Compromise Subscription: A cybercriminal can modify subscription permissions.
  3. Account Takeover, Compromise Tenant: A cybercriminal becomes a global account administrator.

XMGoat scenarios contain different breach points, critical assets and attack points, XM Cyber noted. They highlight how cybercriminals can exploit Azure misconfigurations, what causes them to happen and what can be done to mitigate them.

A Closer Look at XM Cyber

XM Cyber is a cyberattack path management platform provider owned by retail giant Schwarz Group, which acquired the company in November 2021.

Organizations can use XM Cyber's platform to identify and analyze vulnerabilities, misconfigurations and user privileges that can lead to cyberattacks, the company said. The platform provides visibility into attack paths that hackers can use to penetrate organizations' critical assets, along with risk remediation tips and resources.

MSSPs can join XM Cyber's partner program to integrate the company's platform into their security offerings. In doing so, MSSPs can use XM Cyber's platform to help their customers optimize their security posture.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.