CART AI simulation mimics nation-state cyberattacks
With a hack executed every 39 seconds, companies security testing is paramount. But, according to the inventors of Continuous Automated Red Teaming (CART), their efforts fall short against real-world scenarios.
FireCompass, based in Boston, US, has developed CART to simulate thousands of hackers attempting a broad attack on an organisation. The team claims that scans that once took months can now be completed in a matter of days.
Its solution, which harnesses the power of artificial intelligence and SaaS, runs continuously without software installation, hardware or additional employees, automatically scanning the ever-changing digital attack surface of a company, including exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets and open ports. It then launches multi-stage attacks to find attack paths missed by conventional cybersecurity tools.
Bikash Barai, co-founder of FireCompass said, "Organizations typically conduct security testing only a few times a year on a partial list of online assets, excluding shadow IT unknown to security teams. Meanwhile, hackers are always attempting attacks on the entirety of their assets. At FireCompass, our vision is to make Continuous Automated Red Teaming (CART) available to all so that organizations can discover and test all their assets at all times – just like real attackers do."
One risk manager at Sprint, a division of T-Mobile, said, "To our surprise, FireCompass has exceeded our expectations. The tool has demonstrated reliability in the findings, and FireCompass has proven to be a valuable service provider."
Firecompass was founded by industry veterans Barai, Nilanjan De and Priyanka Aash, who have broken cybersecurity giants including McAfee, Microsoft Bit Locker, Sophos and AVG.
Find out more
Caption. Credit: Getty/Petri Oeschger