Cyber defense: Cybercrime has increased sharply in recent years, and the state it has reached is quite frightening. Many companies are now strengthening their cyber security measures, aiming to achieve total security of their infrastructure and ensure user safety. Yet the approach many of them choose to follow is a reactive one: most companies or organizations take action on cyber defense only after a specific cybercrime has happened or is expected to happen.
In the cyber world this approach could be considered a weak point, because the solution a security engineer can offer after a cybercrime has happened may not be the “life saver” the company needed in the first place. That depends on the nature of the attack and the impact it had on the software, the entity’s infrastructure, or the data that has been compromised. That’s why the best security solution that many security engineers worldwide suggest for cyber defense is the proactive approach.
Introducing the proactive approach
The primary purpose of the proactive solution is to help organizations, companies, and even users detect and avoid threats and risks before attackers have a chance to get their hands on sensitive information or cause additional damage. To support this, many companies around the world offer penetration testing and cyber defense services. These are mainly divided into red teaming – penetration testing with an attack approach – and blue teaming – specialized in cyber defense services and procedures. One downside is that these services are not combined in a single platform that could gather every action and generate understandable KPIs in a user-friendly dashboard.
Fortunately for us, SnapAttack, a new and innovative start-up, has changed how proactive solutions and approaches to cyber defense work. SnapAttack is the security industry’s first purple teaming platform. It is a cloud-based solution that helps accelerate existing threat intelligence, threat hunting, and purple teaming capabilities, validating true-positive attack behavior and minimizing false positives so that cyber defense teams can work with more focus and efficiency. The innovation behind SnapAttack is that it offers an all-in-one purple teaming solution, where blue and red teams work together to generate detailed reports and analytics about the situation of the entity being tested and monitored.
SnapAttack is a cyber threat hunting and detection company with a unique technical solution that enables community collaboration around threat intelligence, attack emulation, and behavioral analytics. This new approach helps organizations proactively identify potential vulnerabilities, risks, and gaps in their infrastructure before an incident occurs. SnapAttack was incubated in Booz Allen’s Dark Labs and is grounded in years of experience in nation-state-level cyber operations and tradecraft.
Booz Allen Dark Labs is an elite team of security researchers, threat hunters, penetration testers, reverse engineers, network analysts, and data scientists dedicated to stopping cyber-attacks before they occur. Drawing on years of experience in cyber defense (blue teaming), data analytics, threat hunting, and cyber offense (red teaming) at one of the world’s largest cybersecurity solution providers, Booz Allen’s technical talent develops products like SnapAttack by leveraging advanced and emerging technologies alongside decades of working with clients to defeat advanced cyber threats. In 2021, SnapAttack was established as a stand-alone company to focus on proactive threat hunting, detection-as-code, purple teaming, and rapidly evolving platform capabilities. In November 2021, it raised $8 million in new funding after the spinout from Booz Allen Hamilton.
“SnapAttack is poised to empower a new level of collaboration among the next generation of ethical hackers, threat hunters, and security researchers providing advanced insights to stop attackers in their tracks,” said Fred Frey, SnapAttack CTO and co-founder. “While many of our competitors focus on a single stage of the workflow and most often from a specific offensive or a defensive lens, SnapAttack provides a space to merge both.”
The mission and beliefs of SnapAttack
4imagazine had the chance to speak with Fred Frey, Chief Technology Officer and Co-Founder of SnapAttack, to get a better understanding of the company’s missions and goals.
Fred Frey says that for years security professionals have relied on indicators of compromise as outlined in different cybersecurity frameworks. That is why it is necessary to develop a strong threat detection program, and why companies need to do more to combine solid threat intelligence with red and blue teams. That is precisely what SnapAttack aims to achieve.
“We believe that cyber defenders are stronger together. By working together, red and blue team, we can share data and manage to outthink the attackers.”
SnapAttack’s ever-growing library has over 2500 attacks and more than 3500 analytics in the platform at present, and that number grows every day. Defenders can use the SnapAttack platform to find and prevent the most advanced threats without being overwhelmed by false positives. And now, with the Community Edition, a free-of-charge open platform that was launched in March of this year, members will have access to the full-featured SnapAttack platform, which will allow them to share actionable threat intelligence data and generate detection analytics. Community members approved by SnapAttack will be given content authorship privileges, allowing them to develop and share actionable content with all community users.
“I am a strong believer that the cybersecurity community must collaborate, share intelligence, and work together to withstand the barrage of threats industry and government face daily,” said Fred Frey.