Improved Ease of Use, New Exploits and Expanded Platform Support Enables Broader and Continuous Testing Across Data Center and Cloud Environments
San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced a new version of its Infection Monkey open source attack simulation tool with several significant enhancements. Designed to test the resiliency of modern data centers and clouds against cyber attacks, the Infection Monkey is an open source tool developed by GuardiCore Labs, originally introduced in 2016.
An autonomous, self-service tool, the Infection Monkey gives security professionals an additional testing tier that augments the in-depth value of current pen testing tools and services with the ability to conduct security assessments more frequently. It enhances compliance and flags areas of weakness in data centers and cloud environments.
Key new features in Infection Monkey v1.5:
- New user interface design: The Infection Monkey UI has been completely redesigned, enabling fast deployment and easier, continuous use. Infection Monkey users can now target and start attack simulations in just a few clicks.
- Visual map display: The Infection Monkey features a dramatically improved Infection Map that visualizes lateral movement inside the network with details of successful and unsuccessful attack attempts in a clear and easy to consume fashion, providing immediate and actionable insights.
- New exploits: The Infection Monkey now supports attacking hosts using several new techniques that are safe, automatic and potentially wormable. New exploits include attacking hosts against SambaCry and Elastic Search vulnerabilities and attacking Windows machines using the pass the hash hacking technique.
- Expanded platform support: The Infection Monkey v1.5 adds support for Docker containers plus AWS, Azure and Google Cloud Platform environments, and has expanded support for Debian Linux and Windows MSI, enabling broader security assessments across hybrid cloud and data center environments.
“While traditional testing tools and services offer in-depth, specific assessments of network vulnerabilities, Infection Monkey provides a safe means to conduct continuous testing, giving security professionals a very clear picture of any vulnerability in real time and what to do to fix them,” said Ofri Ziv, Head of Guardicore Labs. “Since launching Infection Monkey 18 months ago, we have provided regular monitoring and updates to users and engaged in continuous feedback that will inform our ongoing commitment to innovation and to the broader security community.”
About the Infection Monkey
The Infection Monkey is a self-propagating testing tool that is able to identify and visualize the path of least resistance in the data center network. It scans the network, checking for open ports and fingerprinting machines using multiple network protocols. After detecting accessible machines, it attempts to attack every single machine using methods such as intelligent password guessing and safe exploits. It does this by leveraging available data on systems it has breached, such as stolen credentials, to automatically spread and infect other machines, clearly highlighting all vulnerable systems in its path.
The Infection Monkey provides detailed information about the specific vulnerability exploited and the effect vulnerable segments can have on the entire network, giving security teams the insights they need to make informed decisions and enforce tighter security policies. It is designed to be 100 percent safe, with no reconnaissance or propagation features that can impact server or network stability.
Infection Monkey Availability and Support
The Infection Monkey is free and can be downloaded at www.guardicore.com/infectionmonkey/. Source code is available from the GitHub repository. The Infection Monkey is available for Linux, Windows, AWS, Azure, Google Cloud Platform and Docker environments. For questions, suggestions and guidance we encourage you to join the Infection Monkey Google Group at https://groups.google.com/d/forum/infection-monkey.
The Infection Monkey is developed on GitHub under the GPLv3 license. Contributions are welcome. Members of the public security community are invited to join GuardiCore’s Infection Monkey project, contribute code, open issues and feature requests.
GuardiCore Labs is the GuardiCore global research team, consisting of hackers, cybersecurity researchers and industry experts. Its mission is to deliver cutting-edge cyber security research and provide analysis, insights and response methodologies to latest cyber threats. GuardiCore Labs helps GuardiCore customers and the security community to continually enhance their security posture and protect critical business applications and infrastructure.
GuardiCore Labs’ recent, high-profile threat discoveries include the Hexmen multiple attack campaigns targeting database services, the Bondnet botnet used to mine different cryptocurrencies, a variant of the MongoDB ransomware attack targeting MySQL databases, the Trojan.sysscan malware and the original Infection Monkey presented at Black Hat 2016.
GuardiCore is an innovator in data center and cloud security focused on delivering more accurate and effective ways to protect critical applications from compromise through unmatched visibility, microsegmentation and real-time threat detection and response. Developed by the top cyber security experts in their field, GuardiCore is changing the way organizations are fighting cyber attacks in their data centers. For more information, visit www.guardicore.com