Red teaming is a full-fledged attack simulation designed to assess a company’s defense against real-life hackers.

FireCompass Technologies, a Bangalore headquartered technology company, launched today its new artificial intelligence-powered Continuous Automated Red Teaming (CART) platform named FireCompass.

FireCompass is a SaaS platform that ethically and securely simulates a situation where thousands of hackers are trying to breach an organization’s defenses.

It’s a fire drill that shows up any lacuna in the preparedness of an organization for a security emergency.

How it works

FireCompass has revolutionized conventional red teaming procedures through the use of AI and a SaaS platform.

It is a platform for Continuous Automated Red Teaming (CART) and Attack Surface Management (ASM).

From the Firecompass website:

FireCompass continuously indexes and monitors the deep, dark, and surface webs using nation-state grade reconnaissance techniques. The platform automatically discovers an organization’s digital attack surface and launches multi-stage safe attacks. By mimicking a real attacker, it helps identify breach and attack paths that otherwise escape detection by conventional tools.

The platform can do this continuously without the need for software, hardware, or manual supervision.

The company claims that red teaming or scans that once took weeks and months can now be completed in just hours, or days, by FireCompass.

“Organizations typically conduct security testing only a few times a year on a partial list of online assets, excluding shadow IT unknown to security teams,” said Bikash Barai, Co-Founder of FireCompass. “At FireCompass, our vision is to make Continuous Automated Red Teaming (CART) available to all so that organizations can discover and test all their assets at all times – just like real attackers do.”

Defense capabilities

The platform is capable of:

• Continuous Automated Red Teaming (CART)
• Continuous safe attacks to test the effectiveness of security investments and discover security blind spots.
• Attack Surface Management (ASM) & Shadow IT Discovery
• Identification of orphaned domains/subdomains, risky IPs, exposed database/cloud buckets, code leaks, leaked credentials, exposed test/pre-production systems, and Shadow IT risks.
• Ransomware Attack Surface Monitoring
• Internet scans to discover risky assets that can be exploited by malware and ransomware.

Related Story:   Ransom Amounts Escalate Into Tens of Millions As Hacks Get Bolder