SafeBreach

"... You may have grown used to getting and approving MFA requests. The malicious actors hope you won’t pay attention and approve any MFA push notification you may receive." - SafeBreach CISO Avishai Avivi https://hubs.ly/Q02VyPLr0

Adoption of endpoint protection platforms is on the rise. According to Gartner®, “By 2029, 50% of organizations will evaluate endpoint protection platforms as part of a comprehensive workspace security strategy, up from approximately 20% in 2024.” Download the latest Gartner® Magic Quadrant™ for Endpoint Protection Platforms to learn more about the strengths and cautions for different vendors, and to read an assessment of must-have and optional capabilities. https://hubs.ly/Q02Vv5400

"Avishai Avivi, CISO at SafeBreach, emphasizes that the CISA alert on Iranian cyber actors is a timely reminder... about the abuse of 'MFA Exhaustion.' He warns that malicious actors hope users will mindlessly approve MFA requests." https://hubs.ly/Q02VyRkZ0

Optimize your detection engineering with the SafeBreach BAS platform. Use real TTPs and a vast library of attacks to ensure your security controls and response processes are ready to respond to sophisticated threats in real time: https://hubs.ly/Q02S4hS30

Looking forward to API's Cybersecurity conference for the Oil and Gas industries next month! You can catch us at booth 102. 😎

SafeBreach Labs researchers discovered a new vulnerability that allows adversaries to remotely delete critical files, including entire production databases, from fully patched servers. The vulnerability is fully undetectable. 🫥 😬 Join us for the research webinar on November 20, 2024, at 9 am PT/12 pm ET: https://hubs.ly/Q02VlrKN0

Heading to #SecTor this week? SafeBreach Security researcher Shmuel Cohen will be presenting, "EDR Reloaded = Erase Data Remotely," on Thursday, October 24 from 10:15am-11:00am in Room: 801A. You can also catch the SafeBreach team on the floor at Booth 637. 😎 https://hubs.ly/Q02V5Jt50

Selecting the right EDR for your environment in 2 steps: Step 1: Download the latest Gartner® Magic Quadrant™ for Endpoint Protection Platforms to learn more about the strengths and cautions for different vendors, and to read an assessment of must-have and optional capabilities. Step 2: Once you’ve narrowed down your choices, leverage complementary capabilities of breach and attack simulation (BAS) to help objectively evaluate the performance of top EDR vendors within your specific environment during the PoV or vendor bake-off. https://hubs.ly/Q02V5D7X0

Whether your organization opts for CTEM or another proactive security strategy, regular validation of security controls is crucial. BAS offers a unique perspective, allowing your team to test your security posture through the lens of a threat actor. Ready to learn more? Dive into our on-demand webinar: The Road to CTEM: How Breach & Attack Simulation Fuels a Continuous Threat Exposure Management Program. https://hubs.ly/Q02TpDgV0

New Coverage Alert - CISA and other authoring agencies have issued a new CERT Alert (AA24-290A) highlighting the use of password spraying and other techniques being used by Iranian threat actors to gain and maintain access to critical infrastructure entities. Existing SafeBreach customers do have coverage against the majority of the attacks highlighted in this CERT alert. Our playbook not only has extensive coverage of the TTPs and IOCs listed in this US CERT, but also has very extensive coverage of techniques being frequently used by Iranian threat groups. Stay tuned for our blog and additional CERT-specific coverage details soon. #BestinBAS #Iranianthreatactors #safebreach