FireCompass has unveiled its new artificial intelligence powered Continuous Automated Red Teaming (CART) platform that mimics thousands of hackers trying to break into an organization. The solution enables organizations to launch continuous safe attacks to identify blind spots before hackers do. Created by a team of serial cybersecurity entrepreneurs, FireCompass’ product is already being used by top companies, including Sprint (now a part of T-Mobile), Security Innovation and others spanning multiple industries.
The global economy would end up suffering losses to the tune of $6 trillion per year by 2021 on account of cybercrimes, as per Annual Cybercrime Report. India stands third on a list of countries that have been the target of cybercriminals. According to Gartner, “Nation-state actors and criminal organizations operate with a level of sophistication that surpasses the preventative and detection capabilities of most security and risk management teams.”
“Organizations typically conduct security testing only a few times a year on a partial list of online assets, excluding shadow IT unknown to security teams. Meanwhile, hackers are always attempting attacks on the entirety of their assets,” said Bikash Barai, Co-Founder of FireCompass. “At FireCompass, our vision is to make Continuous Automated Red Teaming (CART) available to all so that organizations can discover and test all their assets at all times – just like real attackers do.”
FireCompass is reinventing traditional red teaming using the power of AI and SaaS. The solution runs continuously without the need for software, hardware or additional employee resources. It indexes the deep, dark and surface web using similar reconnaissance techniques as nation-state actors. The platform automatically discovers an organization’s ever-changing digital attack surface, including unknown exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets and open ports, etc. The attack engine then launches multi-stage attacks, which includes network attacks, application attacks and social engineering attacks, on the discovered digital surface to identify attack paths that are otherwise missed by conventional tools.
FireCompass’ CART uniquely combines Attack Surface Management (ASM), and multiple security testing technologies, eliminating the need for multiple tools and significant manual effort. With FireCompass, scans that once took weeks and months can now be completed in hours or days. FireCompass’ key capabilities include:
Continuous Automated Red Teaming (CART)
Continuous safe attacks to test the effectiveness of security investments and discover security blind spots.
Attack Surface Management (ASM) & Shadow IT Discovery
Identification of orphaned domains/subdomains, risky IPs, exposed database/cloud buckets, code leaks, leaked credentials, exposed test/pre-production systems and Shadow IT risks.
Ransomware Attack Surface Monitoring
Internet scans to discover risky assets that can be exploited by malware and ransomware.
“To our surprise, FireCompass has exceeded our expectations,” said a Risk Manager at Sprint (now a part of T-Mobile). “The tool has demonstrated reliability in the findings, and FireCompass has proven to be a valuable service provider.”