Help AG is to offer cyber-attack and defence simulation services to its customers, to help train and test their defence capabilities against a myriad of real-world cyber-attacks.
Help AG initially custom-built the simulation environment to train its own ethical hacking and security analytics teams, but now wants to leverage this platform to deliver its new ‘Red Team/Blue Team Simulation’ service.
This service simulates attacks on the network, Operating System (OS), and web-application layers and enables IT professionals to train in defence scenarios that accurately mimic key real-world threats.
Explaining the need for organisations to provide their cyber security teams with hands-on cyber defence training Mukhammad Khalilov, manager security analysis at Help AG said, “In case of cyber-attacks, rapid response is vital to mitigating the impact, protecting sensitive data and ensuring business continuity. Our new service delivers the most comprehensive preparation so that in the event of an attack, rather than being overwhelmed, security teams know exactly what to do and can take immediate and definite action to protect their networks.”
Prior to execution of the Red Team/Blue Team Simulation service, Help AG will conduct a review of the customers’ security posture by assessing the technical capabilities of their in-house IT team, analysing the security solutions deployed and the related security policies. This will be followed by technical training sessions and hands-on exercises in which up-to seven trainees test their cyber defence capabilities against Help AG’s ethical hacking experts. Khalilov stated that the entire process can be completed within approximately four to five man-days depending on the type of security training required.
It took over six months to build the cyber-defence lab for research and development for the latest hacking exploitation and prevention techniques and has extensively utilized the infrastructure for internal trainings. This environment is capable of simulating attacks on web servers, VoIP servers, Linux services, databases and over 25 systems-based vulnerabilities and provides trainees with defence solutions from leading vendors including F5 Networks, Palo Alto Networks, Symantec, Infoblox, Carbon Black, Splunk, and others, the company said.
“This service has evolved out of our extensive experience in ethical hacking which has enabled our team to publish over 60 zero-day vulnerabilities in solutions from leading technology vendors. As a natural progression and extension of our penetration testing service, we are excited to now equip our customers with the hands-on experience they need to effectively detect and mitigate cyber threats,” said Khalilov.