Back to Home

Onboarding Journey

Table of Contents

START YOUR JOURNEY

Welcome to the SafeBreach onboarding journey!

Here you will learn about Breach and Attack Simulation(BAS) basics and about SafeBreach platform principles. We will walk you through the process of setting up the SafeBreach platform beginning with deploying and installing simulators in your network. We are here to make this process as smooth as possible. 

We recommend that you complete these steps in advance so you can get the most out of our kickoff call.

This section’s objectives are:

  • Allow simulator files to run by adding them to the Allowlist
  • Configure impersonated users with representative privileges
  • Configure your security control and other integrations
  • Conduct a “kickoff call” with your customer success manager

Step 1 – Allowlist Simulators

To allow SafeBreach’s simulators to run in your network, we recommend applying the required following exclusions.

Some EPPs (Endpoint Protection Platforms), like Windows Defender, might see our simulator processes as a threat and will block them from running.

Read More

Step 2 – Impersonated Users

 Users have different sets of privileges and permissions. We simulate operations as these users to make sure the system only allows users to do operations they are allowed to do.
To make this happen, you’ll first need to define each type of user. SafeBreach will use those impersonated user roles while running tests.

Just go to Administration > Attack Setup > Impersonated Users to define each type of user. You can also use our CLI (Command-Line Interface) or API (Application Programming Interface) interfaces to define them.

Read More

Step 3 – Integrations

Are you ready to level up your SafeBreach experience? We’ve got great news! Our platform supports a growing number of third-party integrations to make your life easier and your security stronger! There are five different types of integrations, each with a unique purpose.

Check out this video below to learn about one of them, and get ready to integrate like a pro!

Read More

Step 4 – SIEM

With SafeBreach’s SIEM (Security Information and Event Management) integration, you can join forces with your security devices to take down the bad guys. When a simulation is triggered,SIEM integration can help you figure out if your devices detected it and even provide details on the events. It’s like having a personal sidekick to help you prioritize and take down the threats that matter most.

Take a look at this example of SafeBreach integrated with Splunk for a better understanding of how SIEM integration can benefit your organization.

Read More

Step 5 – Advanced Actions

SafeBreach simulations are like ghost pranks – they don’t leave any trace! However, some of our simulations are so realistic that they may interact with the environment in ways that generate a bit of impact. No need to worry though, we’ve got you covered!

Check out our advanced actions configuration and learn how to handle these realistic simulations like a pro!

Read More

Step 6 – Alert Communication

SafeBreach identifies and prioritizes risks to help inform which issues to handle first.

The prioritization process is based on simulations that may, themselves, generate events and alerts. This guide is to help security engineers distinguish between alerts from actual threats and simulated threats in order to facilitate handling real incidents by priority.

Learn about the events matching process:

Read More

KICKOFF CALL

The next step is the Kickoff call. In this introduction call SafeBreach will define the KPIs and the success criteria and start developing a business plan with you. By the end of this call, SafeBreach will schedule future meetings and start the official onboarding phase!

To prepare for this meeting :

  • Send the meeting invitation to the relevant team leads
  • Write notes and questions to ask SafeBreach’s sales engineers during the call

Quiz time

1 / 3

Why is it important to whitelist the simulator files?

2 / 3

Why should we configure impersonated users?

3 / 3

Which integration is the most important?

Your score is

The average score is 91%

0%

Congratulations !

You have finished the first part
Proceed to the next part – Deploying Simulators   

Proceed