Modern, Disruptive Testing Tool Now Available to Public Security Community
San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center security and threat detection, today made its Infection Monkey testing tool freely available to the public security community at large. Designed to test the resiliency of modern data centers against cyber attacks, the Infection Monkey was developed as an open source tool by GuardiCore’s research group, led by seasoned cyber security researcher Ofri Ziv.
“Traditional testing tools are no longer able to effectively detect vulnerabilities in today’s data center networks as they cannot continuously exploit the weakest link and propagate in-depth, resulting in a very partial view of network vulnerabilities,” said Pavel Gurvich, CEO and co-founder of GuardiCore. “Our open source Infection Monkey represents a new approach that can be used to automatically test for potential security failures while operating in much the same way a real attacker would, by choosing a random starting location in the network and propagating from there, finding all possible paths of exploitation.”
GuardiCore’s Research Group Leader Ofri Ziv will present “Unleash the Infection Monkey: A Modern Alternative to Pen-Tests” at Black Hat 2016 on August 3 in Las Vegas. During his session Ziv will discuss the shortcomings of current approaches and address how the Infection Monkey can be of value to today’s security teams, provide a glimpse of the Infection Monkey running in an unsecured environment and offer use cases for real-world security testing scenarios.
Infection Monkey Features
The Infection Monkey is a self-propagating testing tool that is able to identify and visualize the path of least resistance in the data center network. It scans the network, checking for open ports and fingerprinting machines using multiple network protocols. After detecting accessible machines, it attempts to attack every single machine using methods such as intelligent password guessing and safe exploits. It does this by leveraging available data on systems it has breached, such as stolen credentials, to automatically spread and infect other machines, clearly highlighting all vulnerable systems in its path.
The Infection Monkey provides detailed information about the specific vulnerability exploited and the effect vulnerable segments can have on the entire network, giving security teams the insights they need to make informed decisions and enforce tighter security policies. It is designed to be 100 percent safe, with no reconnaissance or propagation features that can impact server or network stability.
Infection Monkey Availability
The Infection Monkey is developed on GitHub under the GPLv3 license. Contributions are welcome. Members of the public security community are invited to join GuardiCore’s Infection Monkey project, contribute code, open issues and feature requests.
GuardiCore is an innovator in internal data center security focused on delivering more accurate and effective ways to stop advanced threats through real-time threat detection and response. Developed by the top cyber security experts in their field, GuardiCore is changing the way organizations are fighting cyber attacks in their data centers. For more information, visit www.guardicore.com.