Bitdefender today introduced its new Bitdefender Offensive Services. The new offering is aimed at identifying, proactively assessing and resolving security gaps in a company's IT through penetration testing and simulated red team attacks. The offering addresses both on-premises, cloud and hybrid cloud environments.
Complement Bitdefender Offensive Services Bitdefender’s Managed Detection and Response (MDR) portfolio and provide organizations with proactive services and tools to strengthen their IT environments, reduce risk while meeting regulatory or compliance requirements such as SOC 2, HIPAA, GLBA, FISMA, PCI-DSS, NIS2 and ISO 27001 - all at a constantly evolving threat landscape.
Experts test via hack
Teams of highly qualified and experienced cybersecurity analysts, security researchers, threat hunters and CREST certified ethical hackers lead the services. They are based on the data from the Bitdefender Global Protective Network, which consists of hundreds of millions of sensors that constantly collect data on IT security worldwide.
Additionally, the new services help organizations with Continuous Threat Exposure Management (CTEM), a cybersecurity process that simulates controlled attacks to identify and simulate threats to networks, systems and supply chain environments. This process stress-tests the IT security level and identifies vulnerabilities before the real attackers exploit them.
Penetration testing and red teaming
Penetration Testing
Tailored to each organization, the service takes into account several factors, such as the industry, the operational infrastructure, what software is used and what risks are perceived. The ethical hacking team conducts a security vulnerability inventory to identify the vulnerabilities of systems, including networks, applications and mobile devices. The experts use the vulnerabilities they find to carry out authorized simulated cyber attacks. They check a company's cyber defenses and control mechanisms (authorization, authentication and integrity checks) against industry standards.
A detailed report derived from this helps to eliminate security gaps, explains the possible consequences of a real attack and strengthens the company's overall IT security level.
Red Teaming
Human experts lead the intelligence-based exercise that simulates real-world threat actors, including Advanced Persistent Threats (ATPs). The experts show how attackers would attempt to compromise critical functions and the underlying systems of an organization. In contrast to penetration testing, red teaming is goal-oriented and based on open-scope testing. The simulated attacks occur covertly over an extended period of time to assess an organization's entire cybersecurity ecosystem, including people, processes and technology. The attacks are based on the techniques, tactics and procedures (Techniques Tactics and Procedures, TTP) of the MITER ATT&CK framework and are intended to imitate the behavior of opponents using specific attack methods.
Simulated methods include social engineering, victim-tailored tools and malware, post-intrusion lateral movement, and other approaches. The Bitdefender Red Team improves an organization or company's ability to detect and respond to attacks and increases business resilience to attacks.
More security for companies
“As malware, vulnerability exploitation, phishing and other attacks continue to increase and evolve, companies that take proactive steps to continually improve their cybersecurity will be much more secure than others,” said Andrei Florescu, Deputy General Manager and Senior Vice President of Products at Bitdefender Business Solutions Group. “By complementing our MDR offering with Bitdefender Offensive Services, organizations will benefit from a straightforward approach to improving their security posture and having critical elements of their security efforts reviewed, analyzed and led by a highly talented team of professionals.”
In the independent 2023 Cybersecurity Assessment Report, more than half (52%) of the 400 IT and cybersecurity professionals surveyed said that hackers had exposed company data or broken into their IT infrastructure in the last twelve months. When asked about their biggest concerns about cyber threats, study participants cited software vulnerabilities and/or zero-day risks (53%). This finding complements Bitdefender Labs' findings showing a significant increase in cybercrime, with cybercriminals exploiting known software vulnerabilities using proof-of-concept (PoC) attacks.
More at Bitdefender.com
About Bitdefender Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de