Breach risk assessment firm FireCompass on Thursday unveiled a new Artificial Intelligence (AI)-powered platform that mimics thousands of hackers trying to break into an organization, thus enabling the IT security teams to launch continuous safe attacks to identify blind spots before hackers do.
Created by a team of serial cybersecurity entrepreneurs, the Continuous Automated Red Teaming (CART) platform is already in use by top companies, including Sprint (now a part of T-Mobile), Security Innovation, and others, spanning multiple industries.
“Organisations typically conduct security testing only a few times a year on a partial list of online assets, excluding shadow IT unknown to security teams. Meanwhile, hackers are always attempting attacks on the entirety of their assets,” said Bikash Barai, Co-Founder of FireCompass.
“At FireCompass, our vision is to make the CART platform available to all so that organizations can discover and test all their assets at all times – just like real attackers do”.
The solution runs continuously without the need for software, hardware, or additional employee resources.
It indexes the deep, dark, and surface web using similar reconnaissance techniques as nation-state actors.
The platform automatically discovers an organization’s ever-changing digital attack surface, including unknown exposed databases, cloud buckets, code leaks, exposed credentials, risky cloud assets, and open ports, etc, the company said.
The attack engine then launches multi-stage attacks, which include network attacks, application attacks, and social engineering attacks, on the discovered digital surface to identify attack paths that are otherwise missed by conventional tools.
FireCompass is a software-as-a-service (SaaS) platform for Continuous Automated Red Teaming (CART) and Attack Surface Management (ASM).
Founded by industry veterans Bikash Barai, Nilanjan De, and Priyanka Aash, FireCompass is backed by leading investors and venture capitalist funds.