AttackIQ® announced AttackIQ Flex 3.0

2024-12-04

December 2024 by Marc Jacob

As cyber threats grow more sophisticated, organizations are struggling to detect and mitigate breaches. In 2024, it takes organizations on average about 10 days to detect an attacker, while an adversary needs mere hours to accomplish their objective. Meanwhile, most organizations’ threat detection remains woefully out of date. These detection failures underscore the need for detection as the last line of defense between a breach and full-blown incident response. Effective detection allows organizations to contain breaches more efficiently, even at scale.

However, implementing effective detection remains a complex and resource-intensive process. Security teams face hundreds of detection requirements across incident response (IR), security operations center (SOC), and cyber threat intelligence (CTI) teams. Writing and validating detection rules is prone to errors, often missing key tactics, techniques, and procedures (TTPs) used by adversaries. These gaps in detection leave organizations vulnerable, emphasizing the need for more efficient and accurate approaches to threat detection.

The original Flex service provides detailed security performance metrics and mitigations in minutes, allowing organizations to conduct granular security validation without facing recurring fees or complex deployments.

Introducing Flex 3.0: Seamless Integration with Splunk for Automated Detection Improvement

With Flex 3.0, AttackIQ empowers security teams to take control of their detection strategies and stay ahead of evolving threats. Flex 3.0 offers agentless adversary emulation that can be run anywhere, providing organizations with instant visibility into their security control effectiveness. It also identifies detection gaps by delivering testing results fully integrated into the Splunk user experience via a native Flex integration. Leveraging AI-generated YARA and Sigma detection rules, organizations can now seamlessly improve their detection rules with new detections predicated on adversary emulations to identify security control gaps.

Flex 3.0 offers out-of-the-box tests derived from the latest adversary research, ensuring that organizations stay ahead of evolving threats. These tests provide critical detection and prevention insights from security controls, feeding directly into SIEM to ensure continuous monitoring and analysis.