CIO Influence

AttackIQ Flex 3.0 Unites Prevention and Detection with Splunk Integration, Boosting Analyst Efficiency and Simplifying Detection Engineering Outcomes

Seamless integration offers instant visibility into detection gaps and adversary detection rule generation

AttackIQ, the leading independent vendor of breach and attack simulation (BAS) solutions and founding research partner of the MITRE Engenuity Center for Threat-Informed Defense (CTID), today announced AttackIQ Flex 3.0, agentless security control validation that integrates natively with Splunk to deliver a fully seamless user experience.

“All About That BAS: Achieving SIEM Efficiency with Breach and Attack Simulation”

A Growing Need for Efficient and Accurate Threat Detection

As cyber threats grow more sophisticated, organizations are struggling to detect and mitigate breaches. In 2024, it takes organizations on average about 10 days to detect an attacker, while it only takes an adversary mere hours to accomplish their objective. Meanwhile, most organizations’ threat detection remains woefully out of date. These detection failures underscore the need for detection as the last line of defense between a breach and full-blown incident response. Effective detection allows organizations to contain breaches more efficiently, even at scale.

However, implementing effective detection remains a complex and resource-intensive process. Security teams face hundreds of detection requirements across incident response (IR), security operations centers (SOCs), and cyber threat intelligence (CTI) teams. Writing and validating detection rules is prone to errors, often missing key tactics, techniques, and procedures (TTPs) used by adversaries. These gaps in detection leave organizations vulnerable, emphasizing the need for more efficient and accurate approaches to threat detection.

“When prevention fails, detection becomes your last line of defense in catching adversaries before full-blown incident response is required,” said Carl Wright, Chief Commercial Officer at AttackIQ. “We’re excited to partner with Splunk to bring Flex 3.0 to their customers worldwide, empowering them to strengthen their security posture with seamless, real-time detection and validation capabilities. Already, organizations using BAS have reported significant improvements, with a 37% increase in analyst efficiency and a 44% reduction in costs related to security breaches.”

The original Flex service provides detailed security performance metrics and mitigations in minutes, allowing organizations to conduct granular security validation without facing recurring fees or complex deployments.

Introducing Flex 3.0: Seamless Integration with Splunk for Automated Detection Improvement

With Flex 3.0, AttackIQ empowers security teams to take control of their detection strategies and stay ahead of evolving threats. Flex 3.0 offers agentless adversary emulation that can be run anywhere, providing organizations with instant visibility into their security control effectiveness. It also identifies detection gaps by delivering testing results fully integrated into the Splunk user experience via a native Flex integration. Leveraging AI-generated YARA and Sigma detection rules, organizations can now seamlessly improve their detection rules with new detections predicated on adversary emulations to identify security control gaps.

Flex 3.0 offers out-of-the-box tests derived from the latest adversary research, ensuring that organizations stay ahead of evolving threats. These tests provide critical detection and prevention insights from security controls, feeding directly into SIEM to ensure continuous monitoring and analysis.
