Despite extensive efforts and investments, achieving an effective cybersecurity strategy continues to be an elusive concept. Enterprises are expected to spend US$90 billion on cybersecurity products in 2017, and yet a recent NSS Labs survey of CISOs in North America reveals that 52% of enterprises see no “value-add” from their currently deployed security products. Security teams are under more pressure than ever to justify budget allocation for security controls, but most of the time, security effectiveness remains a guessing game. Vulnerability assessments and penetration testing provide helpful feedback but are based on one point in time and become instantly outdated. How can an organization ensure that it is protected against constantly evolving threats?
The CAWS Continuous Security Validation Platform addresses these challenges by continuously validating security controls and monitoring vulnerable systems against active threats in the wild. Thousands of active victim machines are deployed with the most common enterprise endpoint configurations, which allows CAWS to capture live threats across 37 countries and targeting over 300 enterprise applications. Once threats are captured, they are replayed against a virtual replica of a customer’s specific environment, revealing which threats are capable of bypassing security controls. CAWS’ unique capture harness produces near-zero false positives, and security teams only receive alerts for threats that present a validated risk based on their enterprise profile. This empowers enterprises to change course from chasing down superfluous security alerts to focusing on mitigating relevant threats.
With the release of CAWS 3.0, enterprises can choose from public or private lane validation options depending on their customization needs. In a public lane instance, threats are replayed against security controls configured with vendor-recommended settings. A private lane implementation provides an organization with more granular control of security configurations, allowing active threats to be replayed against an exact replica of its own environment. Private lanes also allow security teams to replay active threats using specific configurations and tuning, allowing them to test changes to their security architecture in a virtual environment before rolling them out to a production environment.
This new release of CAWS further advances NSS Labs’ vision to deliver continuous security validation, empowering organizations to make informed decisions to improve their security and risk posture.
The following features are included in CAWS 3.0
- Completely new and intuitive user interface
- Better representation of data and trend analysis
- Improved visualization of threats, including geolocation information
- Improved search function and data filtering
- Updated API with more granular controls
- Updated payload scoring algorithm with deeper dissection of malware drops
- Improved performance and response time
NSS Labs will be demonstrating CAWS 3.0 at Black Hat 2017 in Booth #860.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.