Posts

Guardicore’s Infection Monkey Becomes the Industry’s First Zero Trust Assessment Tool

Open Source Infection Monkey Provides Enterprise Leaders the Ability to Examine Adherence to Zero Trust Security Posture and Prescribe Recommendations for Faster Zero Trust Adoption

Boston, Mass. and Tel Aviv, Israel – September 12, 2019 – Guardicore, a leader in internal data center and cloud security, today unveiled new capabilities for its Infection Monkey that make it the industry’s first Zero Trust assessment tool. Added features extend the functionality of the already successful Infection Monkey, a free, open source breach and attack simulation tool used by thousands to demonstrate and analyze their environments against lateral movement and attacks.  The latest version of Infection Monkey enables both enterprise security leaders and network engineers to determine how their environments perform against a Zero Trust security posture on their path to overall Zero Trust adoption. Infection Monkey now provides security and network infrastructure teams the ability to easily and accurately examine an enterprise’s adherence to key components of the Zero Trust framework as established by Forrester with detailed explanations of security gaps and prescriptive instructions on how to rectify them. Guardicore will preview the Zero Trust capabilities of Infection Monkey with attendees of the Forrester Security & Risk Forum in National Harbor, MD this week.

“A concept first developed by Forrester Research nearly a decade ago, the Zero Trust approach to information security is gaining momentum and driving strategic technical alignment and implementations toward a process focused on building security from the inside out,” said Pavel Gurvich, Co-founder and CEO, Guardicore. “Yet many organizations are still unsure of how to move from theory to deployment and apply the principles of Zero Trust in their environment. Infection Monkey is the first tool of its kind that allows organizations to safely and easily test their environment’s Zero Trust posture and generate specific recommendations to accelerate and enhance Zero Trust adoption and ensure continued adherence. ” 

Infection Monkey with Zero Trust Assessment

Infection Monkey enables cybersecurity and infrastructure architects to operationalize Zero Trust by accurately examining an enterprise’s adherence to the pillars of Zero Trust, including detailed explanations of where the enterprise falls short, and instructions on how to address these shortcomings. Easy to deploy and run, Infection Monkey tests implementation of the Zero Trust framework by attempting to communicate with machines residing in different segments of the enterprise network, demonstrating policy violations, and generating test results with actionable recommendations for remediation.With prescriptive reporting that can be easily implemented without any additional staff or education, Infection Monkey offers security leaders the ability to illustrate enterprise Zero Trust posture against the Forrester framework with an easy to understand red, yellow, green color scheme. Like previous versions of Infection Monkey, the latest version runs on bare metal, VMWare, other hypervisors, AWS, Azure, Google, and private clouds.

Availability & Contributions

Developed by Guardicore Labs Infection Monkey is an open source breach and attack simulation tool for securely and automatically testing the resiliency of private and public cloud environments. Guardicore Infection Monkey source code is currently available from the GitHub repository. Added capabilities for Zero Trust assessment and deployments for the AWS Marketplace, Microsoft Azure Marketplace and Google Cloud Platform Marketplace will be available for download at the end of the quarter. Infection Monkey is available for Linux, Windows, AWS, Azure, Google Cloud Platform, VMWare and Docker environments. For questions, suggestions and guidance join the Infection Monkey community.

Infection Monkey is open source, developed on GitHub under the GPLv3 license. 

Guardicore Labs

Guardicore Labs is a global research team, consisting of hackers, cybersecurity researchers and industry experts. Its mission is to deliver cutting-edge cyber security research, lead and participate in academic research and provide analysis, insights and response methodologies to the latest cyber threats. Guardicore Labs helps Guardicore customers and the security community to continually enhance their security posture and protect critical business applications and infrastructure.

Creators of Infection Monkey, a popular open-source network resiliency test tool, Guardicore Labs’ high-profile threat discoveries include Nansh0u advanced crypto-mining attack,  the Hexmen multiple attack campaigns targeting database services, the Bondnet botnet used to mine different cryptocurrencies, and a privilege escalation vulnerability in VMWare. Guardicore Labs also hosts Cyber Threat Intelligence (CTI), a freely available threat intelligence portal to assist security teams in identifying and investigating malicious IP addresses and domains in data centers. To learn more visit Guardicore Labs.

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.

Guardicore Integrates with AWS Security Hub

Today at re:Invent, Amazon revealed the AWS Security Hub, a security service that provides AWS cloud customers with a comprehensive view of their security state within AWS. Guardicore has worked with AWS over the past weeks to provide support and integration to this service. While AWS provides some built-in security capabilities, customers require additional capabilities that can only be provided by third-party companies like Guardicore.

Both Guardicore Centra and Infection Monkey now integrate with the AWS Security Hub. This integration provides a lot of value to customers. Early feedback is extremely positive and AWS customers would find it interesting to test both integrations:

GuardiCore Centra Integration with AWS Security Hub

GuardiCore Centra, our flagship product, secures any cloud-private or public. Security Incidents will be forwarded to the AWS Security Hub and can be managed through the console or consumed by other security products.

Infection Monkey Integration with AWS Security Hub

The Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that assesses the resiliency of private and public cloud environments to post-breach attacks and lateral movement. Its integration with the AWS Security Hub allows anyone to verify and test the resilience of their AWS environment and correlate this information with the native security solutions and benchmark score.

Working on the integration was fun. Since both Centra and Infection Monkey have integration points and can run on AWS, adding reporting interfaces to the Security Hub was a straightforward task.

We believe that the AWS Security Hub represents a good approach, allowing for more shared security insights from more vendors in order to improve the overall security posture of your environment. It detects security findings and alerts generated by other AWS security services, other security solutions (like GuardiCore Centra and Infection Monkey) and aggregates those findings and alerts within each supported AWS region.

During the beta period the service provided integration with Amazon GuardDuty, Amazon Inspector, and Amazon Macie and added new capabilities by running CIS benchmark check for AWS workloads. We are looking forward to your feedback. Tell us- what do you think about the integration?

What’s New in Infection Monkey Release 1.6

We are proud to announce the release of a new version of the Infection Monkey, GuardiCore’s open-source Breach and Attack Simulation (BAS) tool. Release 1.6 introduces several new features and a few bug fixes.

Azure passwords are still at risk; Infection Monkey can help

As this security flaw still exists and puts Azure environments at risk, we believe it’s important to continuously verify whether your environment is vulnerable. To do that we integrated Azure password harvesting capabilities into the Infection Monkey.

GuardiCore Upgrades Infection Monkey Open Source Cyber Security Testing Tool

Improved Ease of Use, New Exploits and Expanded Platform Support Enables Broader and Continuous Testing Across Data Center and Cloud Environments

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced a new version of its Infection Monkey open source attack simulation tool with several significant enhancements. Designed to test the resiliency of modern data centers and clouds against cyber attacks, the Infection Monkey is an open source tool developed by GuardiCore Labs, originally introduced in 2016.

Read more

The Next Gen Infection Monkey is Here

We are pleased to announce a new version of our Infection Monkey open source attack simulation tool with several significant enhancements. We first introduced the Infection Monkey in 2016 and have continuously developed and supported it. Part of what we did came from feedback we received from our community so thanks everyone for contributing!

Musing on Ransomware and Other Sophisticated Attacks

Everyone has something to write about ransomware. One can not open a mobile device or a news site without getting notification about some new ransomware-related content.  There’s a good reason: The recent events, media attention and to a certain degree, the public’s panic around the WannaCry ransomware attack are driving a lot of interest and even increase the […]

GuardiCore Announces GuardiCore Labs

Global Research Team Focused on Critical Cyber Security Analysis and Investigation to Benefit the Community through Publications and Timely Disclosure of New Advanced Threats Targeting Data Centers and Clouds

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced GuardiCore Labs, a global cyber security research team that conducts in-depth research and analysis, providing the security industry with actionable insights into the latest and most advanced threats facing data centers and clouds. GuardiCore Labs delivers cutting-edge breach detection and response methodologies to help GuardiCore customers continually enhance their security posture to protect critical business applications and infrastructure.

Read more

Best 8 Hacking Tools from This Years Black Hat Conference

Here are 8 absolute badass hacking tools which were demoed in this year’s Black Hat Conference. Hackers and security researchers are pulling out all the stops yet again, using Black Hat as a platform to explain, release and/or promote a ton of great tools for pen testers and security operations experts. Here are some of the highlights and tools that are being or will be demoed during the course of the conference which will end on 4th August.

8 Bad Ass Tools Coming Out Of Black Hat

Inspired by Netflix’s Chaos Monkey project, Infection Monkey is a data center pentest tool designed to spin up infected virtual machines within random parts of the data center to test for potential blind spots in the overall network security chain and help teams bolster their data center security resilience.