Guardicore Infection Monkey Provides Zero Trust Assessment of AWS Environments

April 21, 2021, by David

Guardicore unveiled new Zero Trust assessment capabilities in Infection Monkey, its open source breach and attack simulation tool. The capabilities are available immediately: security professionals can now conduct Zero Trust assessments of Amazon Web Services (AWS) environments to help identify the potential gaps in an organization’s AWS security posture that can put data at risk.

Infection Monkey is an open-source Breach and Attack Simulation (BAS) tool developed and maintained by Guardicore Labs. Designed to be 100% safe for production environments, the tool helps IT security teams assess their organization’s resiliency to unauthorized lateral movement both on-premises and in the cloud. Infection Monkey enables organizations to see the network through the eyes of a knowledgeable attacker – highlighting the exploits, vulnerabilities and pathways they’re most likely to exploit in your environment.

New features of the latest Infection Monkey release include:

  • Zero Trust Maturity Assessment in AWS: New integrations with Scout Suite, an open source multi-cloud security auditing tool, enable Infection Monkey to run Zero Trust assessments of AWS environments. Infection Monkey highlights the potential security issues and risks in cloud infrastructure, identifying the potential gaps in AWS security posture. Infection Monkey presents actionable recommendations and risks within the context of the Zero Trust framework’s key components established by Forrester.
  • Expanded MITRE ATT&CK Techniques: Infection Monkey applies the latest MITRE ATT&CK techniques to its simulations to help organizations harden their systems against the latest threats and attack techniques. The four newest ATT&CK techniques Infection Monkey can use are:
    • Signed script proxy execution (T1216)
    • Account discovery (T1087)
    • Indicator removal on host: timestomp (T1099)
    • Clear command history (T1146)
  • Critical Exploit Assessment: Despite patches being issued, organizations are still susceptible to powerful new vulnerabilities that threat actors continue to exploit. Infection Monkey is now able to test infrastructure resiliency to new remote code execution vulnerabilities, including CVE-2020-1472 (Zerologon) and CVE-2019-6340, which affects Drupal Core.

“The accelerated adoption of cloud workloads has elevated the risk of data being exposed either by external threat actors, or by internal vulnerabilities such as poor access control and misconfigurations. Securing this sensitive information requires a shared model of responsibility, where organizations are enforcing Zero Trust frameworks on their cloud workloads,” said Ofri Ziv, VP Research, Guardicore. “The new version of Infection Monkey is one of the first tools that allows Zero Trust assessment of public cloud workloads. Today, companies migrating to AWS environments can do so securely and confidently, using Infection Monkey to rapidly identify the hidden vulnerabilities before they’re exploited.”

To download the latest version of Infection Monkey, please visit: https://www.guardicore.com/infectionmonkey/index.html#top.