Getting Started With SafeBreach

OVERVIEW

This course will introduce you to our product. You will learn about Breach and Attack Simulation (BAS) technology, you will have a first introduction to SafeBreach platform screens and features.

In this course, you will learn :

Breach and Attack Simulation principles
SafeBreach Platform Overview

Lesson 1 – What Is BAS

Breach and Attack Simulation (BAS) is a cybersecurity testing method that simulates real-world cyber attacks on a network or system to assess its vulnerabilities and the effectiveness of its defenses. The goal of BAS is to identify and prioritize vulnerabilities, assess the potential impact of an attack, and validate the effectiveness of the organization’s security controls and response plans. BAS can be used to test the security of networks, applications, servers, and other IT assets, and can help organizations improve their cybersecurity posture by identifying and addressing weaknesses before they can be exploited by attackers. It typically involves the use of specialized software and tools that mimic the tactics, techniques, and procedures (TTPs) used by real-world attackers.

Lesson 2 – Product Overview

Now, let`s see an overview of our platform, and understand the screens and features of it :

As you probably noticed, our platform has a lot of features to offer. In order to use them properly, you need to have an initial setup that will represent your network and allow you to use all those features and attacks. Now, you know the product. Let`s understand the application’s workflow:

Attack

The first step of the operation. Attack section allows the user to set up scenarios. You can choose pre-configured scenarios from the SafeBreach Scenarios page or from the Playbook. You can build attacks based on your Vulnerabily Management integrations and you can configure your own attacks using the Studio.

Analyze

The second step of operation. After you ran some tests, you can use the analysis tools. Simulation Results screen will display the results by order and help you by filtering them. MITRE ATT&CK Board will display the results in a MITRE oriented map, and the Breach Explorer will present your possible breaches and data-leakage paths in a visual way.

Remediate

After you decide about your remediation priorities based on the attack analyses, you can use the Insights panel to remediate using a specific method or technique. The Vulnerability Management screen screen will help prioritize which vulnerabilities to remediate first.

Report

Monitor your network’s security status by using our pre-configured Dashboards or configure your own dashboard. Use the Reports screen to generate PDF reports to present them to your stakeholders. The Risk Map will help you to emphasize the possible breaches between your system components and network segments.

Quiz time

1 / 3

What is our SLA for new US-CERT alerts?

We provide an attack in less than 24 hours from a US-CERT alert

We provide an attack in less than 48 hours from a US-CERT alert

We provide an attack in less than 8 hours from a US-CERT alert

We provide an attack in less than 72 hours from a US-CERT alert

2 / 3

Why should you define your data assets?

In order to attack them directly

In order to assess their vulnerability in the simulations

In order to know how many we have

In order to prevent unintentional deployment of a simulator on a "data asset"

3 / 3

What are the four steps in the application?

Access - Attack - Report - Repeat

Attack - Remediate - Report - Repeat

Attack - Analyze - Remediate - Report

Attack - Analyze - Resolve - Report

Your score is

Congratulations !

You have finished the getting started course. Proceed to the next course – System Deployment course

Proceed

4

2

All

00:15h

English

Table of Contents