The Infection Monkey 1.10.0 — Go Bananas with New AWS Zero Trust Assessments

Version 1.10.0 of the Infection Monkey is here! In addition to the usual performance improvements and bug fixes, this release comes with new features to help you assess and strengthen your organization’s security posture.

This release would not be possible without the contributors and users who make up the Infection Monkey community. Thank you!

What is this (Infection) Monkey Business?

The Infection Monkey is an open-source Breach and Attack Simulation (BAS) tool developed and maintained by Guardicore Labs. Designed to be 100% safe for production environments, the tool helps IT security teams assess their organization’s resiliency to unauthorized lateral movement both on-premises and in the cloud. This allows you to do your zero trust assessment on the fly without fear.

Once you let the Infection Monkey agent loose in your environment, it automatically attempts various exploits, propagates through your network, and reports back to you, the administrator, on its progress. This lets you see your network through the eyes of a knowledgeable attacker, and when it has finished running, the Infection Monkey delivers reports with rich insights and actionable remediation advice.

Still have Zero Trust about the updates? Check them out below 🐒

We have several new a-peeling features in this new version that will make you go bananas!

🍌 Zero Trust Assessments in AWS with the Infection Monkey and Scout Suite

As cloud adoption continues to explode in 2021, IT security teams are looking closely at how they can better secure the critical workloads they’ve chosen to migrate to the public cloud.

The good news is that the Infection Monkey is here to help! Now integrated with Scout Suite, an open source multi-cloud security auditing tool, the Infection Monkey can run a Scout Suite scan on your AWS environment.

This will query the AWS API to gather configuration data and highlight the potential security issues and risks present in your cloud infrastructure. Then, the Infection Monkey takes this data and categorizes any findings in its Zero Trust Report.

With this new approach, you can easily review potential gaps in your AWS security posture. Actionable recommendations and potential risks will be presented within the context of the Zero Trust Framework’s key components established by Forrester.

🍌 Equip New MITRE ATT&CK Techniques

Infection Monkey can also help you find which MITRE ATT&CK® techniques go unnoticed by your security solutions’ detection and prevention capabilities. Then, helpful as always, the Infection Monkey provides recommendations as to how you can harden your systems against these techniques.

We’re continuing to expand the Infection Monkey’s ATT&CK coverage. In the newest version, we’ve added four new techniques, bringing the total to 36!

The four newest ATT&CK techniques the Infection Monkey can equip are:

  • Signed script proxy execution (T1216)
  • Account discovery (T1087)
  • Indicator removal on host: timestomp (T1099)
  • Clear command history (T1146)

🍌 Explore New Exploits

This release includes two new remote code execution vulnerabilities that the Infection Monkey can now exploit:

CVE-2020-1472 — Zerologon

CVE-2019-6340 — RCE in Drupal Core

While fixes have been issued, the Infection Monkey is more than happy to take advantage of machines that haven’t yet applied them, allowing you to safely test and discover potential risk before a bad actor does.

🍌 Access the Full Release Details for 1.10.0

For more information about all of the improvements, big and small, in this newest release, read the official release notes.

Swing into action with the latest Infection Monkey Release

Even if you’ve run the Infection Monkey before, we encourage you to use it continuously in order to take advantage of these new features and identify new risks in today’s fast-evolving networks.

What are you waiting for? Download the latest release for free today!

Alternatively, if you’d like to inspect the source code for yourself or become a contributor, be sure to visit the GitHub repository.
