Booz Allen Hamilton announced today the availability of SnapAttack, a cloud-based software solution that brings together actionable threat intelligence and hacker detection.
By unifying the security lifecycle into a single solution, SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights into malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries.
Today’s red and blue teams use multiple, siloed products for key functions like threat intelligence, incident detection and response, breach and attack simulation, and continuous monitoring, and as a result struggle to keep up with the latest threats and attack methods. Compounding the issue, cybersecurity analysts experience alert fatigue from the high volume of alerts they receive, many of which are false positives. In fact, 93 percent of organizations reportedly receive more than 5,000 alerts per day, but on average, security teams investigate only 51 percent of these alerts.
As a cloud-based software solution, SnapAttack is always up to date. New attack techniques and analytics are regularly pushed to subscribers, but advanced teams can harness the full power of the platform to create their own attack techniques and analytics based on internal threat intelligence.
With SnapAttack, security teams can:
“SnapAttack addresses the needs of CISOs and SOC leads to deploy proactive, preventive security measures that continuously test cyber defenses to get ahead of attacks by identifying and addressing potential vulnerabilities and control gaps before the adversary can,” said Brad Medairy, a Booz Allen Executive Vice President and leader of the firm’s cybersecurity and engineering business. “This tool is a culmination of years of offensive and defensive cyber operations experience – consistently defeating advanced persistent threats.”
Designed to improve the detection of malicious behavior at the endpoint, SnapAttack supports the top endpoint detection and response (EDR) vendors in the marketplace.