securiCAD Vanguard is a cloud native attack simulation and automated threat modeling SaaS service that enables you to automatically simulate attacks on a virtual model of your AWS environment – to find, prioritize and mitigate weak links before attackers exploit them. By providing securiCAD Vanguard with read access to standard AWS APIs, a model of your environment is automatically built and visualized.
By simulating attacks on the model, securiCAD Vanguard will assess the consequences of your AWS configuration, existing vulnerabilities and misconfigurations to prioritize mitigations in the context of the actual system and its high value assets. (See use case: Fully automated security assessments of cloud architectures)
securiCAD Vanguard is currently in a free and open Early Access phase where anyone can sign up and run the pre-configured demo scenarios. The full Early Access functionality using your own AWS data can be requested inside the application.
securiCAD Vanguard is fully automated and non-disruptive. The attack simulations are conducted on virtual models that are automatically generated and will not interact with the actual environment in any way. securiCAD Vanguard leverages the vast amount of data available in AWS to automate threat modeling of cloud environments and bring unprecedented insight with cutting edge attack simulations.
Specifically developed and fully integrated with Amazon Web Services
Fully automated model generation and visualization of AWS environments with automated attack simulations
Attack simulations are conducted on virtual models of collected data and will not interact with the actual environment
No installation or privileged access needed. Required data is collected through read access to standard AWS APIs
securiCAD Vanguard is a SaaS that will soon be available in AWS Marketplace. Below is a selection of features that will be available in the service at launch. Sign up for the early access pilot program below to try out securiCAD Vanguard now.
AWS concepts, services and their configurations are represented in the virtual models
Choose between different attack scenarios e.g., Internet attacker or Insider
Find the most critical paths from the attacker’s entry point to your high value assets
Find the structural weaknesses (e.g., the combination of a vulnerability and a misconfiguration) in your architecture.
Find chokepoints (or key assets) in your architecture that the attacker exploits to reach high value assets
Import data from vulnerability scanners to asses and prioritize current software vulnerabiltites
A virtual model of your AWS environment is automatically generated and visualized