Review: AttackIQ FireDrill watches the watchers>
CSO, from IDG – John Breeden Ii
This penetration testing tool is configured to operate from the inside, with the primary goal of identifying flaws, misconfigurations and outright shortcomings in all other cybersecurity defenses. The main FireDrill management console either sits in the cloud or can be installed locally on premises if an organization wishes. In addition to the main console, which is used to configure and deploy tests against protected assets as well as collecting those results, users will need to deploy agents. There are agents available for all forms of Windows and Mac OS systems, plus most flavors of Linux. Deploying those agents involves a fairly simple wizard-supported process to ensure that the right agents get to the correct assets. There are actually two types of agents: static and dynamic. Once the agents are in place, users can choose from an existing library of 1,260 attack scenarios, all of which are highly configurable based on the unique environment where they are deployed. Testing can take some time to complete depending on the scope and type of test, but generally lasts a few minutes. Once complete, users can see a general report showing which assets failed the testing and which passed. Clicking on those results explains which defenses are responsible for protecting assets, and why others failed to do so.

Over the course of testing with FireDrill, it became obvious why a testing tool like this that is designed to evaluate other tools can be so helpful in defending modern networks ireDrill can also be configured to interface with any network security information and event management system (SIEM).
Link: https://www.csoonline.com/article/3331173/network-security/review-attackiq-firedrill-watches-the-watchers.html?utm_source=Adestra&utm_medium=email&utm_content=Title%3A%20Review%3A%20AttackIQ%20FireDri