Bitdefender (bitdefender.com), a global cybersecurity leader, today announced Bitdefender Offensive Services¹, a new offering designed to proactively assess, identify, and remediate security gaps in an organization’s environment (on premises, cloud, hybrid) through penetration testing and red team simulated attacks.
In an independent global survey of 400 IT and cybersecurity professionals, more than half (52%) of businesses surveyed suffered a data leak or breach in the last 12 months. When asked about the security threats that pose the greatest concern, respondents indicated they are most concerned about software vulnerabilities and/or zero-days threats (53%). These findings correlate with Bitdefender Labs’ research that shows a marked increase of cybercriminals exploiting known software vulnerabilities using proof of concept (PoC) attacks.
Bitdefender Offensive Services bolster the company’s managed detection and response (MDR) portfolio and provide organizations with a proactive means to fortify environments, reduce risk, and meet regulatory/compliance mandates such as SOC 2, HIPAA, GLBA, FISMA, PCI-DSS, NIS2 and ISO 27001 as the threat landscape evolves. The services are led by its elite team of cybersecurity analysts, researchers, threat hunters, and CREST-accredited ethical hackers enhanced by the Bitdefender Global Protective Network, an extensive network of hundreds of millions of sensors continuously collecting threat data worldwide.
Additionally, Bitdefender’s new services support organizations adopting Continuous Threat Exposure Management (CTEM), a cybersecurity process that employs controlled attack simulations for identifying and mitigating threats to networks, systems, and supply chain environments. This allows stress testing security posture and identifying vulnerabilities before they are exploited by real attackers.
About Bitdefender Offensive Services
• Bitdefender penetration testing service -- is tailored for each organization based on multiple factors including industry type, operational infrastructure, software adoption, and perceived risk. The ethical hacking team performs a vulnerability assessment to identify security weaknesses of systems covering networks, applications, mobile devices and more. Weaknesses found are used to conduct authorized simulated cyberattacks, testing the organization’s cybersecurity defenses and controls such as user authorization, authentication, and integrity against industry standards. An in-depth report is delivered to help remediate security gaps, educate on potential consequences had the attack been real, and strengthen overall security posture.
• Bitdefender red teaming service -- is a human-led, intelligence-driven exercise that simulates real-world threat actors including advanced persistent threats (ATPs) to demonstrate how attackers would attempt to compromise critical functions and underlying systems of an organization. In contrast to penetration testing, red teaming is objective-based, open-scoped, and executed covertly during a longer window of time to assess an organization’s total cybersecurity ecosystem covering people, processes and technologies. The attacks are guided by the Techniques, Tactics and Procedures (TTPs) of the MITRE ATT&CK Framework to mimic adversarial behaviors using specific attack methods including social engineering, customized tools and malware, post-breach lateral movement and more. The Bitdefender red team improves an organization’s ability to detect and respond to attacks and be more cyber resilient should an incident occur.
According to the Gartner® Top Trends in Cybersecurity 2023 report,“By 2026, organizations prioritizing their cybersecurity investments via a continuous threat exposure management (CTEM) program will suffer two-thirds fewer breaches.”²
“As malware, vulnerability exploits, phishing and other attacks continue to escalate and evolve, organizations that take proactive measures to cybersecurity and its continuous improvement will be vastly more secure,” said Andrei Florescu, deputy general manager and senior vice president of products, Bitdefender Business Solutions Group. “With the addition of Bitdefender Offensive Services to our world-class MDR offering, businesses have a straightforward approach for improving security posture and having critical elements of their security operations spearheaded by a highly talented team of practitioners.”
¹Bitdefender Offensive Services are derived from the acquisition of Horangi Cyber Security
²Gartner, Top Trends in Cybersecurity 2023, 17 March 2023
Gartner® is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.