AttackIQ launches Flex 2.0 for advanced security testing

AttackIQ has announced the release of Flex 2.0, an agentless breach and attack simulation (BAS) solution designed to enable organisations to assess their security posture on demand. The new version introduces various enhancements aimed at improving security performance and compliance.

One of the key features introduced in Flex 2.0 is the Insights Dashboard, which provides actionable performance insights. It now includes Test Performance Scoring and Performance by MITRE Tactic, offering a clearer and more simplified view of overall security performance. This aims to drive continuous improvement within organisations.

Carl Wright, Chief Commercial Officer of AttackIQ, commented on the importance of the new enhancements. "Many organisations struggle to keep pace with evolving threats due to the challenges of security control testing, leaving them vulnerable to attack," he said. "Flex 2.0 addresses this challenge by providing on-demand, actionable insights. Our new Insights Dashboard empowers security teams to improve their overall security performance, while our expanding compliance test packages help organisations mitigate risk and avoid costly penalties."

Flex 2.0 also supports the Digital Operational Resilience Act (DORA) and the NIST Cybersecurity Framework (CSF) 2.0 with the introduction of new test packages. These packages allow organisations to gain visibility into their cybersecurity posture against specific requirements set by DORA and NIST. Two DORA test packages, Basic and Advanced, cater to different testing needs. In contrast, the NIST CSF test packages provide a starting point for assessing security within the "Protect" function, also available in Basic and Advanced versions.

Another significant enhancement in Flex 2.0 is its expanded testing capability. It includes new assessments that target emerging threats and commonly used adversary tactics, techniques, and procedures. The expanded testing also involves enhanced security baselines that test critical controls such as network security, next-generation firewalls, and endpoint detection and response.

AttackIQ notes that Flex 2.0 leverages advanced adversary emulation based on the MITRE ATT&CK framework, aiming to test security controls rigorously. The user-friendly platform is designed to deliver comprehensive adversary campaign testing, detailed performance metrics, and actionable recommendations. Additionally, the flexible, pay-as-you-go model and easy deployment make the solution accessible to organisations of all sizes.

AttackIQ, known for its foundational role in the MITRE Engenuity Center for Threat-Informed Defense, aims to support organisations in planning security improvements and verifying that cyber defences work as expected. The company's commitment extends to supporting MSSP partners through its Flexible Preactive Partner Program, which provides turn-key solutions to elevate client security.

Flex 2.0 is available now to existing Flex customers. The comprehensive set of features and enhancements aims to provide organisations with the tools necessary to keep pace with the evolving cybersecurity landscape and achieve compliance with key regulatory standards.