securiCAD Vanguard – Attack simulation-based security analysis for AWS
securiCAD Vanguard is fully automated and non-disruptive. The attack simulations are conducted on virtual models that are automatically generated and will not interact with the actual environment in any way. securiCAD Vanguard leverages the vast amount of data available in AWS to automate threat modeling of cloud environments and bring unprecedented insight with cutting edge attack simulations.
Specifically developed and fully integrated with Amazon Web Services
Attack simulations are conducted on virtual models of collected data and will not interact with the actual environment
Fully automated model generation and visualization of AWS environments with automated attack simulations
No installation or privileged access needed. Required data is collected through read access to standard AWS APIs
No data is saved
No sensitive data is saved, read our data policy here
“It is a cost-effective way to assess vulnerabilities, the effort to get insights is minimal, but above all, gives us consistent and unbiased results”
– Mark Strande, CSO, Klarna
“A great security technology for DevOps that enables Shift-Left and Continuous Delivery for AWS Cloud”
– Kevin Valdek, CTO, HIGH MOBILITY
About securiCAD Vanguard
securiCAD Vanguard allows developers and cloud security architects to get an overview of the cyber security characteristics of their AWS environment.
Attack simulations and automated threat modeling will enable you to automatically simulate attacks on a virtual model of your AWS environment. By providing securiCAD Vanguard with read access to standard AWS APIs, a model of your environment is automatically built and visualized. By simulating attacks on the model, securiCAD Vanguard will assess your AWS configuration, existing vulnerabilities and misconfigurations.
AWS concepts, services and their configurations are represented in the virtual model.
Find the most critical paths from the attacker’s entry point to your high value assets and the chokepoints (key assets) in your architecture that the attacker is expected to exploit to reach the high value assets. (See use case: Fully automated security assessments of cloud architectures)
- Prevent breaches by analyzing your AWS configuration, allowing you to detect misconfigurations, potential lateral movements and to prioritize vulnerabilities
- Generate and visualize a digital twin of your AWS environment and run automated attack simulations, to get reports with the most likely attack paths, weak spots and risk exposure
- Secure, on-demand analysis of AWS configurations including IAM, VPC, EC2, S3, Inspector and more. No installation or privileged access needed.
AWS concepts, services and their configurations are represented in the virtual models
Choose between different attack scenarios e.g., Internet attacker or Insider
Find the most critical paths from the attacker’s entry point to your high value assets
Find the structural weaknesses (e.g., the combination of a vulnerability and a misconfiguration) in your architecture.
Find chokepoints (or key assets) in your architecture that the attacker exploits to reach high value assets
Import data from vulnerability scanners to asses and prioritize current software vulnerabiltites