RSS Cloud Blog

How virtual red team technology can find high-risk security issues before attackers do

Cloud security teams use cloud-native application protection platforms (CNAPPs) to identify misconfigurations and vulnerabilities in their multi-cloud environments, but these solutions often fail to prioritize the most critical security issues. Security Command Center's virtual red team capability helps answer the questions "Where am I most at risk?" and "What issues should I prioritize?" by simulating a sophisticated attacker and running millions of attack permutations against a digital twin model of an organization's cloud environment. This approach discovers attack paths with toxic combinations that are unique to each customer's cloud environment, empowering security teams to find and prioritize critical issues. Toxic combinations are groups of security issues that can create a path for an attacker to reach high-value cloud resources. The virtual red team capability is different from the static, rules-based approach employed by most CNAPPs, allowing it to find previously unknown cloud risks. Security Command Center helps cloud security teams discover and prioritize critical issues, and its virtual red teaming technology has discovered real-world risks in cloud environments. The approach is more effective because it simulates the persistence and creativity of real-world attackers, and it incorporates threat intelligence from experts who investigate cyber incidents.
cloud.google.com
cloud.google.com
Create attached notes ...