Home Data Security SpecterOps raises $25M for attack path analysis to show hacker’s perspective 

SpecterOps raises $25M for attack path analysis to show hacker’s perspective 

by WeeklyAINews
0 comment

Be part of high executives in San Francisco on July 11-12, to listen to how leaders are integrating and optimizing AI investments for achievement. Learn More


At present, adversary simulation, detection and coaching companies supplier SpecterOps introduced it has raised $25 million as a part of a sequence A funding spherical led by Decibel.

The increase comes only a 12 months after SpecterOps launched BloodHound Enterprise, a platform designed to investigate assault paths inside Microsoft Energetic Listing (AD) and Azure AD. It additionally highlights a rising curiosity in options that allow defenders to establish potential assault paths and vulnerabilities from a hacker’s perspective.

“Assault paths are chains of abusable configurations and permissions that allow attackers transfer laterally and escalate privileges inside their goal environments,” mentioned SpecterOps CEO David McGuire. “In distinction to vulnerabilities which might steadily be resolved by way of patching, assault paths exist due to the complicated privileges that exist inside IAM platforms like Energetic Listing and Azure AD.”

He continued: “As soon as an attacker has entry to a community (possibly from a phishing e-mail or getting an worker’s credentials from a knowledge breach) they’ll use assault paths to maneuver by way of the community and achieve extra entry to deploy ransomware, steal delicate knowledge, conduct cyber espionage, or in any other case attain their remaining goal.”

Steady evaluation and prioritization

As an illustration, if a menace actor compromises the account of a consumer who has the flexibility to set the password of a coworker, they’ll reset this downstream particular person’s password, login to the account and achieve extra entry to the atmosphere, all whereas evading detection. 

See also  How prompt injection can hijack autonomous AI agents like Auto-GPT 

The group is competing towards quite a lot of different distributors incorporating assault path evaluation, together with publicity administration supplier Tenable, which raised $683.2 million in revenue final 12 months.

Tenable presents defenders assault path administration capabilities to establish exploitable and real looking assault paths, whereas providing the Tenable.advert module to discover and visualize the underlying safety relationships of Energetic Listing. 

Nonetheless, McGuire argues that current options produce lengthy lists of misconfigurations with out prioritization or sensible steering, whereas BloodHound Enterprise can constantly analyze and prioritize each essential path in buyer environments to assist scale back dangers rapidly.

Source link

You may also like

logo

Welcome to our weekly AI News site, where we bring you the latest updates on artificial intelligence and its never-ending quest to take over the world! Yes, you heard it right – we’re not here to sugarcoat anything. Our tagline says it all: “because robots are taking over the world.”

Subscribe

Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

© 2023 – All Right Reserved.