Startup AttackIQ Aims to Replicate Intrusions to Improve Defenses
AttackIQ offers a service that allows companies to conduct automated attacks against their IT infrastructure to detect exploitable flaws and misconfigurations.San Diego-based startup AttackIQ emerged from stealth mode and kicked off its flagship security service on Jan. 20, aiming to allow companies to attack their own systems as a way of detecting vulnerabilities and security weaknesses. The FireDrill service will allow companies to actively test the security of their networks, validating that their security products are working as expected and that vulnerabilities are not leaving their systems open to attack, Stephan Chenette, co-founder and CEO of AttackIQ, told eWEEK. By focusing on automated testing of defenses, companies can quickly detect changes to their security status, he said. "We have focused so long on purely looking at vulnerability scanning as the means to assess our defenses, and it requires much more than that," he said. "We have to look at our own security architecture, and not only understand the techniques, tools and tactics of attackers, but replicate them against our own systems." Organizations, especially large enterprises and government agencies, have focused on continuously monitoring their networks and systems for breaches. In addition, businesses with a more mature approach to security have used security information and event management (SIEM) systems to collect log, vulnerability and event data into an integrated picture of their current defensive posture.
However, such systems can often miss issues that attackers can then use to compromise business networks and data. AttackIQ's service installs agents on customers' systems and uses the software to check the system and to conduct a variety of different attack scenarios to test the business' security technology and processes.