Detecteam is a continuous Breach and Attack Simulation platform that enables you to discover attacks you cannot detect.
Have you noticed that when an attack is found and described, the vendor’s security research team writes a fairly accurate document, updates it over time with new discoveries, and provides a list of Indicators of Compromise (IoCs) at the end of the document?
We have too, and we realized that this information was hard to use:
- IoCs change fairly quickly. Using them is better than nothing, but what matters is capturing the attack logic.
- The attack description describes a logic that cannot be automated.
- It is hard to get data for the attack: what does it look like in your firewall logs, Windows logs, network traffic (pcap), etc.?
This is why we built Detecteam: to provide a platform where attacks are universally described and actionable. We created the Breach and Attack Simulation (BAS) programming language to capture the attack logic and understand all it does, while creating the Data Footprint at the same time!
Because attacks can be described accurately, Detecteam is able to simulate technologies and show how the attack would have looked with those various systems. We have a virtual clock that handles the attack's duration and start time; the generated data is then submitted to various log analytics platforms (SIEM/SOAR/XDR) so detections can be tested accurately.
This gives teams hands-on training to learn and improve the organization’s overall security posture, and also shows software developers how their detection technology could react to certain attack patterns.