The post Fredrik Alexandersson, Office IT-partner: “Detectify is my hacker toolbox” appeared first on Detectify Blog.

ServiceNow, a leading provider of management tools for security and IT operations, has joined forces with Synack to help Security Operations Center (SOC) operators spot and correct gaps in vulnerability detection and protection.

Enterprises rely on ServiceNow to monitor, manage and respond to security incidents from across their hybrid infrastructure. By cohesively gathering, correlating and remediating incidents originating from their wide spectrum of security defenses, ServiceNow improves an enterprises’ SOC workflows, efficiency and effectiveness.

Although a SOC’s defenses, led by their ServiceNow implementation, can be best-in-class, they are, by nature, reactive to vulnerabilities and breach attempts as they occur. Offensive security testing allows an enterprise to proactively evaluate effectiveness and proper configuration of security defenses and spot and correct gaps in vulnerability detection and protection before actual attacks occur.

Traditional approaches to security testing include yearly compliance audits and pentests which, while necessary, are not dynamic enough to test defenses against new vulnerabilities that may surface at any time. At the same time, requiring SOC staff to proactively test security defenses on a continuous basis has historically been impractical and too costly.

To address this challenge, Synack’s Premier Security Testing Platform leverages the power of our automated smart scanning combined with human triage and pentesting by the Synack Red Team (SRT). The SRT is our expert, vetted community of 1,500+ security researchers available on demand to test against new exploits. Using Synack testing, SOCs receive confirmed reports of exploitable vulnerabilities along with recommendations for remediation.

Synack’s certified integration with ServiceNow Vulnerability Response Management allows enterprises to manage exploitable vulnerabilities discovered by Synack as part of their established workflows and processes in ServiceNow. Using the Synack integration, the entire lifecycle of offensive testing and security gap remediation is managed from within ServiceNow, streamlining SOC efficiency and responsiveness to emerging threats.

The addition of Synack to ServiceNow offers the following capabilities:

• Enables 24x7x365 testing of network and application assets monitored by a SOC team.
• Proactively tests security controls, with continuous adversarial testing against new vulnerabilities.
• Combines smart and automated scanning with human intelligence for thorough analysis of exploitable vulnerabilities.
• Scalable, on-demand testing via the SRT.
• Automated testing, combined with human triage, greatly reduces SOC alert noise and false positives.
• Identify sources of critical risk to prioritize assets for deeper penetration testing and targeted SOC remediation efforts.
• Attacker resistance score to quantify risk on an organization and asset-by-asset basis.
• Integrated management of testing, findings, and patch verification.
• Detailed reports and recommendations concerning exploitable vulnerabilities, triaged by the SRT and Synack Operations.

How Synack complements and optimizes a ServiceNow-managed SOC:

• Synack findings are integrated with the SOC’s ServiceNow tools and processes to ensure coordinated workflow.
• Efficiently blends the benefits of full time in-house or dedicated SOC resources with the diverse perspectives of a team of vetted security testing talent to meet surges in demand.
• Allows SOC operators and analysts to identify gaps in security detection and prevention capabilities, and through re-testing by SRT, prove that their SOC remediation efforts are successful.
• Provides a manageable and repeatable security testing process to facilitate continuous posture improvement.

To learn more about the ServiceNow and Synack partnership, visit our ServiceNow partner page.

The post Optimize Your SOC with ServiceNow and Synack appeared first on Synack.

In the cyber realm, organizations are often running their defensive and offensive security operations with little coordination.

Defensive security techniques, such as firewalls, endpoint detection and response, network access control, intrusion prevention and security information event management, detect and stop attackers. While offensive security offers a way to test the effectiveness of cyber defenses, including techniques and tools such as red teaming, penetration testing, vulnerability assessments and digital reconnaissance. Too often organizations focus on defensive security and not enough on offensive security testing.

Red Team vs. Blue Team

By design, security offense and defense teams work separately, with the red team or pentesters probing the attack surface looking for weaknesses, much like malicious hackers might. Without consistent and frequent communication between the two, the defense won’t know where to make improvements.

Security Operations Centers (SOC) focus on defensive cybersecurity. SOCs use many defensive security tools, as such they need a single pane of glass to view and correlate the data points coming from each source. Splunk Enterprise and Splunk Cloud (Splunk) are data platforms at the center of security operations that provide insights across disparate data streams to achieve end-to-end visibility for SOCs. Often missing are the results of offensive security testing into the SOC’s single pane of glass.

To combine offensive security data, Synack offers an add-on app for Splunk, allowing the SOC to view, correlate and receive alerts for the results of offensive security tests and recommended fixes to their defensive security in real time.

When information about security flaws isn’t accessible by the SOC, vulnerabilities and exploits uncovered by offensive security testing are reviewed only occasionally (e.g. in conjunction with periodic events such as yearly security compliance audits). New types of threats appear daily, so an occasional review isn’t sufficient to maintain good security posture. However, given the opportunity, Splunk’s architecture can ingest dynamic offensive security testing results and make such results actionable by security leaders.

An organization’s defenses can, and should, be tested against the latest security threats, not just the ones needed to pass a yearly compliance audit.

The Synack Integration with Splunk

Synack helps address these challenges by offering a premier security testing platform, supported by an expert, vetted community of security researchers who run continuous vulnerability assessments and deliver on-demand pentesting as new exploits emerge. The Synack Red Team (SRT)—1,500+ members strong—allows customers to take advantage of a diverse and instantly scalable security talent pool without the overhead of static headcount to accommodate surges in testing demand. Customers get offensive security testing 365 days a year with actionable reports to empower them to tackle new risks as they occur.

The Synack integration with Splunk uncovers exploitable vulnerabilities that can be correlated with network traffic, logs and other data collected by Splunk to recommend more effective security policies and rules on defensive tools (e.g. intrusion prevention systems and web application firewalls). Progress to harden an organization’s attack surface can be made by reviewing results, verifying recommendations and patching fixes (which can be verified by the SRT). The integration automates this process by facilitating continual improvement in security posture.

With the integration between Synack and Splunk, organizations can seamlessly coordinate offensive security into their SOC, enabling continuous defensive improvement in cyber security posture and protection. Splunk and Synack help all your team members work from the same playbook. 

To learn more about Synack’s premier security testing please visit our website, to learn about Splunk see their site and to access the Synack Integration with Spunk please visit the Splunkbase.

The post Splunk and Synack Partner to Bring Both a Defense and Offensive Strategy appeared first on Synack.

By Justine Desmond

Unemployment in cybersecurity is close to zero percent. If that’s not enough to cause concern, the global shortage of cyber professionals is estimated at 2.72 million individuals. With an economic downturn, there’s also more risk to hiring full-time positions. Whether you already have a pentest offering or would like to sell pentest services, scaling your team of skilled security testers is likely to be a major hurdle.

Synack can help. Synack is one of the world’s largest pentesting providers with an elite team of 1,500 security researchers and scalable technology. Our partners include a wide range of companies from Microsoft, a leading technology powerhouse, to regional partners such as Red River.

The benefits of Synack’s pentest offerings to our diverse partners include:

• On-demand test deployment 
• Talent augmentation 
• Faster revenue growth 

In some companies, pentesting is a bad word that brings to mind disruption, delays and ineffectiveness. Synack has redefined pentesting as responsive, continuous and intelligent.

What does a better pentest experience mean for our partners? 

On-Demand Deployment

Synack’s deployment and scoping process takes days, not weeks or months. As attack surfaces become more complex and dynamic, companies need more flexible testing. Synack can easily meet pentesting demand with an elite crowd of researchers, available 24/7/365. Our ability to quickly increase researchers on target enables Synack to launch tests in 3 days or less. You won’t run into the same scheduling delays with Synack as you would with a traditional pentesting firm. Additionally, Synack has self-service capabilities for existing customers. And it’s not just pentesting that is on-demand: Synack has the ability to address topical vulnerabilities, such as log4j, hours after they make headlines.

Talent Augmentation 

Synack can add more seats to your bench – whether you have an existing pentesting team or not. Synack’s researchers have to complete a rigorous vetting process that includes a criminal background check, video interviews and a skills assessment. These researchers have tactics, techniques and procedures (TTPs) that replicate what attacks look like today – not just a standard checklist. It’s the infosec equivalent of adding 50 Steph Currys to your team on-demand. Additionally, Synack goes beyond compliance by offering value-add features such as Jira and ServiceNow integrations, remediation assistance and researcher communication to help customers fix vulnerabilities and save time.

Faster Revenue Growth

Synack helped increase revenue growth by 800% over five years for one partner. Synack helps partners to increase their growth by providing easy margin. Synack can meet demand at scale with consistent quality, which is what differentiates us in a competitive market. You won’t have to worry about constraints such as talent capability, capacity and cost. 

If you’re interested in launching or expanding your pentesting business, look no further than Synack. Our work with over 400 customers speaks volumes about our reputation. Additionally, we work closely with many partners across the US, Europe, and Asia. If you think that Synack could be a helpful partner for you, please visit the Synack Partnerships microsite.

The post How Partners Increase Their Offerings and Revenue Growth with Synack appeared first on Synack.

Synack works with innovative government security leaders who are responsible for protecting their organizations by finding and remediating exploitable vulnerabilities before they can be used by an attacker. In this effort we have formed trusted partnerships with federal agencies and their consultants, helping them to achieve mission-critical goals safely. Synack has worked with more than 30 federal agencies to quickly identify known and unknown vulnerabilities before attackers can take advantage of them. And Synack has received Moderate “In Process” status from the Federal Risk and Authorization and Management Program (FedRAMP) underscoring Synack’s commitment to stringent data and compliance standards. This work is especially important in light of President Biden’s recent cybersecurity memorandum laying out steps that federal agencies need to take to protect the nation’s critical assets – its networks and data.

An example of such recent and essential work brings us back to December 12, 2021, when the U.S. Department of Homeland Security (DHS) issued a warning about the Log4j vulnerability. Federal agencies were required to identify if they had the vulnerability and remediate it by December 24th. The challenge for agencies trying to find this vulnerability was that the effort could take weeks. Synack’s SWAT team was able to identify vulnerability (and variants) in a matter of hours for agencies. Without Synack, this could have taken days or weeks to find. One Synack federal customer was able to successfully test more than 520 active hosts and 200 in a 24-hour period for this critical vulnerability. 

Accenture Federal Services (Accenture) is a premier consultant to cabinet-level federal agencies, providing end-to-end cybersecurity services and skilled professionals to help agencies innovate safely and build cyber resilience. In partnering with Synack, Accenture brings to bear the power and speed of the Synack platform to help federal agencies be more proactive with their cybersecurity practices. Working together, Synack and Accenture are delivering innovative solutions, including continuous security testing, which empowers agencies to quickly detect and remediate vulnerabilities before they can be exploited. Synack’s comprehensive security testing complements Accenture’s hands-on consultative engagements support agencies integrating security into their organization.

Proactive components of security programs are so critical and yet often hard to perform at scale, primarily due to the cyber talent gap. Together, Accenture and Synack are successfully building proactive measures into agency-wide security programs with clear impact and staying power. We are regularly delivering on unprecedented find-to-fix vulnerability cycles, Vulnerability Disclosure Programs VDP (BoD 20-01), and testing in pre-production environments. 

The Power of Synack & Accenture Federal Enables Security Teams for On-Demand Security Testing

• Penetration testing at scale
• Nimble responsiveness to time-sensitive customer needs
• Continuous security posture testing
• Evaluation of high-value assets and testing of internal, external, and cloud assets
• Policy and compliance audits

The Synack/Accenture  partnership is a strong example of how Synack can provide a higher level of pentesting and security evaluation to government customers with varying levels of security expertise. In-house pentesting is difficult to scale, but Synack’s community of the world’s most skilled and trusted ethical researchers delivers effective, efficient, and actionable security testing on-demand and at scale, allowing security teams to focus on the vulnerabilities that matter most.

The post Synack and Accenture—Working Together to Protect the Nation’s Critical Assets appeared first on Synack.