Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Prism Infosec launches PULSE agile red team engagement service

published on 2024-08-22 12:40:50 UTC by Rebecca Knowles
Content:

Prism Infosec testing service said to bridge the gap between penetration testing and full-scale red team engagements using threat actor simulation.

Independent cybersecurity consultancy, Prism Infosec has announced the launch of its PULSE testing service to enable organisations which may not have the bandwidth or resource to dedicate to a full-scale red team exercise to assess their defence capabilities against real-world threats.

Prism Infosec testing service “an agile alternative”

PULSE claims to address the gap that currently exists between penetration testing and red teaming which can prevent organisations from gaining an accurate understanding of their security posture and provides an agile alternative that utilises an intensive testing approach.

Penetration Tests are contained evaluations that assess security boundaries and controls of distinct systems that excel at the analysis of specific vulnerabilities contained to specific control planes of individual systems.

In contrast, red teaming is a real-world test of the organisation’s defences against threat actor activities and capabilities which sees the tester adopt a more opportunistic approach that more closely mirrors the attacks the business could expect to be subjected to. PULSE has been devised to bridge the gap between the two different approaches using threat actor simulation.

Evaluated from the point of view of a threat actor

PULSE evaluates the security of an organisation’s perimeter, endpoint security, and environment, from the point of view of a time-limited opportunistic threat actor. Conducted over five days using techniques aligned with the MITRE ATT&CK framework, tests are carried out that are flexible, repeatable and measurable. Suitable for organisations that have invested in security tooling but lack a full-time dedicated Security Operations Centre (SOC) and staff, the timeframe and methods used ensure PULSE tests are not disruptive while still subjecting systems to rigorous assault.

“Red Teaming is a fantastic tool for exercising security tooling, staff, policies, and procedures in a realistic, secure, and safe manner. It does this by taking the Tactics, Techniques and Procedures (TTPs) of genuine cyber threat actors and applies them in intelligence led scenarios which can span multiple weeks. However, not every organisation is ready for the cost, time, and effort that a full red team engagement requires to deliver value for the business,” explains David Viola, Head of Red Team at Prism Infosec. 

“It’s here where PULSE comes in, allowing the organisation to real-world test its systems but without the commitment or disruption associated with red teaming. The PULSE tests emulate the approach an opportunistic cyber threat actor would take when seeking to breach the perimeter, establish a foothold, and compromise the environment all within the space of a working week.”

Pulse Methodology

The PULSE methodology is designed to rapidly test multiple different payloads and delivery mechanisms similar in approach to purple teaming which combines offensive and defensive tactics and involves the following steps:

  • Scoping – Red Team consultants capture the information needed for a successful engagement.
  • PULSE Test Plan – A tailored test plan is devised based upon the PULSE methodology and the findings from the scoping questionnaire.
  • PULSE Preparation – The client provides the pre-requisites while the consultant prepares payloads, infrastructure, and tooling.
  • PULSE Perimeter Assessment – Testing begins with an assessment of the perimeter using different payload delivery techniques.
  • PULSE Attack Surface Assessment – Successful payloads are tested against installed security solutions to establish which trigger an alert, which ones are blocked, and which penetrate the business.
  • PULSE Environment Assessment – Using a successful payload, an assessment is made of how far a threat actor would be able to penetrate the environment.
  • PULSE Report – The outcomes of all three phases are then documented, along with recommendations to harden the environment and suggestions and advice for follow-up testing to improve security posture.

PULSE can also be customised to enable testing specific to the customer environment, such as through the addition of physical testing using social engineering and physical breach techniques.

Phil Robinson, CEO at Prism Infosec, added: “Our commitment to advancing our technical capabilities has led us to create a service that effectively bridges the gap between Penetration Testing and Red Teaming. With PULSE, we’re making this high level of technical expertise accessible to organisations of all sizes. I’m thrilled to introduce PULSE to our clients and look forward to seeing the impact it will have on their security posture.”

PULSE is the first agile red team service Prism Infosec is announcing as part of a strategic reinvigoration of its red team service offerings. Future plans include a redefined Purple Teaming service and an integrated IR and Red Team service.

More UK Security News

Article: Prism Infosec launches PULSE agile red team engagement service - published 3 months ago.

https://securityjournaluk.com/prism-infosec-launches-pulse-agile-red-team-engagement-service/   
Published: 2024 08 22 12:40:50
Received: 2024 08 22 12:42:12
Feed: Security Journal UK
Source: Security Journal UK
Category: Security
Topic: Security
Views: 2

Custom HTML Block

Click to Open Code Editor