It’s No Secret
Migrating to and maintaining a hybrid cloud environment continues to be challenging from a cybersecurity point of view. New security gaps are constantly being created due to new ways of working in a hybrid network environment. Cyber attackers take advantage of this change to obtain the initial foothold and breach an organization leveraging misconfigurations, overly permissive identities, vulnerabilities and human errors. It’s important to implement cloud-based vulnerability assessment tools to strengthen the core of your security in the cloud. In order to gain the upper hand against threat actors, organizations should also include the adversarial context in their security arsenal. By understanding the true risk of a vulnerability as it relates to an exploitable attack path, you can reduce the risk it holds to your organization’s critical assets and prevent an attacker from compromising your network and moving laterally. In an ever-changing elastic environment, it is crucial to prioritize high impact risks and know what to fix first.
XM Cyber partnered with Amazon Web Services to help organizations proactively manage cloud security and accelerate digital transformation. XM Cyber is now an AWS Select Technology Partner by integrating the XM Cyber Attack Path Management Platform with Amazon Inspector.
So, Why the Collaboration?
It’s simple. Cloud security is at a crossroads but we understand that our security posture doesn’t have to be. The XM Cyber Attack Path Management platform integration with Amazon Inspector identifies all cyber exposures, vulnerabilities and prioritizes high impact risks. The discovery is done across AWS customers’ EC2 Instances by enhancing the discovery with the adversarial context layer from XM Cyber. This continuous attack insight & attack surface context delivers quick results on what to fix first by prioritizing risks to critical assets to provide the new breed in security posture management.
XM Cyber provides specific context around the potential paths that attackers might take to reach an organization’s critical asset and pinpoints key intersections that multiple attack paths can flow through to then prescribe guidance to mitigate the risk in the most cost-effective manner. This data is then funneled to AWS Security Hub in a common format, enabling customers to take immediate action to address the riskiest vulnerabilities first.
But How Exactly Does it Work?
That’s the best part, XM Cyber reinforces Amazon Inspector with continuous hybrid cloud attack simulation. Let’s see how the magic happens:
1. XM Cyber Attack Path Management Platform listens to AWS Security Hub specifically for Amazon Inspector events. Inspector is an automated assessment service that helps improve the security and compliance of workloads deployed on the AWS Cloud. It proactively and continuously identifies cyber exposures as new workloads are deployed, illuminating high risk weaknesses such as misconfigurations, vulnerabilities, overly permissive identities and more, that combined together enable the execution of multiple attack paths towards critical assets that often originate from threats outside the cloud.
2. Correlates Inspector findings with XM Cyber’s Vulnerability Management module to show all risks towards critical assets. By ingesting information from a variety of data sources XM Cyber provides a clear visibility and context of all exposed vulnerabilities that lead to critical assets, resulting in improved vulnerability prioritization.
XM Cyber Vulnerability Management
3. Based on Amazon Inspector vulnerability findings, XM Cyber enriches the data by simulating attack paths from high risk devices towards critical assets and pinpoints key intersections multiple attack paths can flow through, aka choke points. Focusing on the highest impact risks first, organizations can reduce their attack surface in the most cost-effective manner. XM Cyber prioritizes risks based on the complexity of the attack, ie. how many steps it takes to compromise a critical asset and how many attack paths pass through them. By remediating the exposures on the choke points you mitigate the risk that can compromise your critical assets, driving focused, timely and resource- efficient remediation efforts.
Attack Path Modeling
4.XM Cyber continuously provides enriched data to AWS Security Hub in a common format, enabling customers to automate immediate action to address the riskiest vulnerabilities first.
Prioritized High Impact Risk in AWS Security Hub
“This relationship signals a new breed of security posture management, leveraging the benefits of attack path modeling along with Amazon Inspector continuous vulnerability assessments,” said Boaz Gorodissky, Chief Technology Officer at XM Cyber. “We are excited to work with AWS to deliver proactive cloud security and make accelerated digital transformation a reality. This integration is a first step of many to reinforce the great built-in security services of AWS and bring better cloud security solutions to wider audiences.”