Skyhawk Security announces Security Control Validation for 3rd party tools where the underlying technology leverages Agentic AI framework. It is an expansion of our cloud-native Breach and Attack Simulation (BAS) and validates the entire cloud security stack to determine if existing detection and enforcement controls would catch or prevent threats to crown-jewel assets. This provides a comprehensive view of your cloud security detection tools, identifies the gaps, and makes recommendations to close the gaps and improve your cloud security.
This capability supports security information and event management (SIEM) tools, web application firewalls (WAF), and endpoint monitoring. Sample vendors include Splunk, IBM QRadar, LogRhythm and Sumo Logic, Amazon CloudWatch, Microsoft Defender, and CrowdStrike.
This solution leverages an Agentic AI framework for Universal Data Hub which enables data from 3rd party tools, such as a SIEM, to be simplified for consumption by the Skyhawk Platform. Leveraging our Adversarial Intelligent Simulation, we can then test these 3rd party security controls and see if they protect the cloud and alert and detect as needed.
In the Blue Team view (image above) under the Attack Surface, you can see the 3rd party controls that should activate in the case of a specific attack. Additionally, it identifies the MITRE attack technique that was confirmed in the attack. This helps organizations understand the TTPs that can be most effectively used against their clouds.
The Security Advisor (image above) makes recommendations to close the gaps in your detection coverage. You can see it provides detailed scripting of what you should copy/paste to close the gaps in security to ensure the exact script gets copied correctly.
Skyhawk Security is not competing with other security tools. It is creating an ecosystem, to optimize all the security data available to increase the productivity of your security team. With Skyhawk, all your security tools contribute to helping you achieve your goal, to prevent cloud breaches.
If you are at re:Invent, be sure to visit booth #1223. Check out our re:Invent page for more information.
