Breach risk assessment firm FireCompass on Thursday unveiled a new Artificial Intelligence (AI)-powered platform that mimics thousands of hackers trying to break into an organisation, thus enabling the IT security teams launch continuous safe attacks to identify blind spots before hackers do.
Created by a team of serial cybersecurity entrepreneurs, the Continuous Automated Red Teaming (CART) platform is already in use by top companies, including Sprint (now a part of T-Mobile), Security Innovation and others, spanning multiple industries.
“Organisations typically conduct security testing only a few times a year on a partial list of online assets, excluding shadow IT unknown to security teams. Meanwhile, hackers are always attempting attacks on the entirety of their assets,” said Bikash Barai, Co-Founder of FireCompass.
“At FireCompass, our vision is to make the CART platform available to all so that organisations can discover and test all their assets at all times – just like real attackers do”.
The solution runs continuously without the need for software, hardware or additional employee resources.
It indexes the deep, dark and surface web using similar reconnaissance techniques as nation-state actors.
The platform automatically discovers an organisation’s ever-changing digital attack surface, including unknown exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets and open ports, etc, the company said.
The attack engine then launches multi-stage attacks, which includes network attacks, application attacks and social engineering attacks, on the discovered digital surface to identify attack paths that are otherwise missed by conventional tools.
FireCompass is a software-as-a-service (SaaS) platform for Continuous Automated Red Teaming (CART) and Attack Surface Management (ASM).
Founded by industry veterans Bikash Barai, Nilanjan De and Priyanka Aash, FireCompass is backed by leading investors and venture capitalist funds.