Google Cloud is introducing Attack Simulation within its platform
This is great step forward for cloud security platforms
One of the best things about Cloud Security is how new capabilities keep getting added to cloud platforms every year
The unique model of the cloud also means that you dont have to do any deployments and these new features can just be deployed with a button click
Last year Google mentioned that they had acquired Forseeti which is a startup focused on Attack simulation and this feature would be coming to the platform soon
At Next ’22, introducing new capabilities for secure transformations
But what is Attack Simulation and what makes it a big deal ?
Why Attack Simulation is needed
In the good old days of cybersecurity we used to do penetration tests to check what weaknesses were present in our environments
Life was simple .. hire an expert to do a pentest .. get the report .. fix the issues and wait for the next year for another pentest
Unfortunately we realized very quickly that pentests are not continuous and only a present a snapshot of a particular point in time
We moved onto Red and Blue team exercises where a team would role play the part of the attack and another team would try to defend against thier attacks
These are great exercises and you can find out a lot about how good your environment actually is but with a few key drawbacks:
Time ! .. these activities need to be planned and thought out and are quite heavy on resources. Again this is not something which can be done continuously and weaknesses may arise which you are not aware about
Cost ! .. it is possible to outsource this activity but again this is not cheap and can be quite heavy on the cybersecurity budget.
This is where Breach and Attack simulations come in
Benefits of Attack Simulation
An Attack simulation platform like the name says simulates the entire chain of an attack from start to finish within a controlled environment
It then presents you the entire path it took .. what worked and what controls were bypassed giving you a full picture of your environment
This multi-stage approach is amazing and you can launch multiple attacks within a single platform ( which gets updated regularly with new attacks also )
You can simulate malware, data leakage and advanced multi-stage APT attacks.
Think of them as red / blue teams on steroids and they can run continuously giving you a much better picture of your environment.
GCP introducing attack simulation
Typically you needed to implement commercial solutions to get Attack Simulation capabilities which could cost a nice amount.
Just recently, however Google had made a major announcement recently with the announcement of Attack Simulation within their Google Command Center platform
This feature will be made available soon within the platform but it is a great step forward for cloud security
Why (and how) Google Cloud is adding attack path simulation to Security Command Center
This is a huge improvement for cloud security enabling teams to move beyond just fixing security issues and misconfigurations and move onto proper attack simulations.
Analysis of these attack paths will be great to find out what areas are present that attackers can take advantage of
As per Google — “ We are adding an advanced simulation engine to attack path analysis that will identify assets that are most vulnerable to attack, which can help defenders know where to apply the right security controls to better protect their cloud environment”
This will enable cloud security teams to model how attackers would operate in a real-world manner.
The best part of this solution is that it would take into account the value of the cloud assets + level of effort , enabling identification of critical attack paths.
Attack simulations can also be configured to run continuously and populate its information with other metadata from Cloud Data
Looking ahead
This is great step forward for Cloud Security and cannot wait to similar functionality being made available in the cloud providers.
As attackers get more and more complex, having such functionality will make life a lot easier for us !