Continuous Breach & Attack Simulation
from Picus

Picus Security verifies the effectiveness of deployed security technologies by simulating cyber-attacks against IT security technologies.

USPs

  • STRESS TEST IN PRODUCTION ENVIRONMENTS

    Picus Security conducts security effectiveness tests in production environments because they provide better and more realistic responses to cyber-attacks compared to tests in static lab environments.

  • ELIMINATE IT SECURITY GAPS!

    Identify existing security gaps or configuration weaknesses and use the remediation recommendations of Picus Security to quickly eliminate vulnerabilities.

  • MAXIMIZE THE EFFECTIVENESS OF IT SECURITY!

    Picus Security helps companies to sustainably increase the detection rate of cyber-attacks and thus maximize the effectiveness of the IT security technologies used.

  • INCREASE THE REACTION EFFECTIVENESS!

    By verifying the existing attack surface, IT security gaps can be closed faster.

  • CHALLENGE YOUR OWN IT SECURITY!

    Allow the security team to attack the security infrastructure in the corporate network with real threats before cyber criminals do.

Product & Function Overview

Picus Security verifies the effectiveness of the implemented security technologies by evaluating the response to simulated cyber-attacks.

The basis for this is a database provided and constantly updated by Picus Security with real "Cyber-Threat Samples" for the misuse of vulnerabilities and exploits, for malware attacks, for web application attacks as well as for data leakage.

For this purpose, cyber-attacks are simulated in a company network between 2 user-defined end points, which should be evaluated as real attacks by the respective defence instances at the gateway, at the end point as well as email GW. The route between the two defined end points is referred to as a so-called vector, e.g. Attacker > Client LAN, Attacker > Mail-GW, Attacker > EndPoint.

 



Which threat scenarios are simulated during the cyber-attacks carried out:

  • Attacks by known ActiveX Controls, Java Applets, Ransomware, (attack) Scripts, Spyware, Trojans, Viruses, Worms
  • Attacks on Web Applications through Command Injection, Cross-Site Scripting, Denial of Service, Directory Traversal Attack, Local File Inclusion, SQL Injection, XML Injection
  • Attacks by exploiting vulnerabilities such as Command Execution Exploits, DoS Exploits, Local Exploits, and other Remote Exploits

The simulation of these attacks provides the first results after only a few hours, which can be used to optimize the security level.

 


Picus Architektur

Impact of the technology on security, compliance, TCO & optimization of resources

  • COMPLIANCE

    Regular security checks in production environments are constant requirements of guidelines such as ISO, BSI or PCI-DSS. With Picus these can be performed automatically and continuously.

  • INCREASE OF THE IT SECURITY LEVEL

    By checking the IT security technologies used with Picus Security, undiscovered security gaps and faulty configurations can be detected and quickly eliminated before potential attackers can exploit them.

  • OPTIMIZATION OF RESOURCES

    By using Picus Security, IT departments can automate certain assessment activities and thus optimize the use of often limited resources.

  • REDUCTION OF TOTAL COSTS

    By using Picus Security, existing IT security technologies can be used more effectively. Furthermore, the holistic and manufacturer-neutral verification of security solutions enables a clear TCO cost analysis and identification of further targeted investments.

  • Application scenarios of the technology

    SECURITY EFFICIENCY VERIFICATION OF:
    • DLP Technologies
    • E-mail Systems
    • EndPoint Security Technologies
    • IPS Technologies
    • FW / NGFW Technologies
    • Content Filter / Proxy Technologies
    • Malware Sandbox Technologies
    • WAF Technologies
  • Benefits of a partnership with Picus Security

    • Entry into the future market "Breach and Attack Simulation (BAS) Ideal for the development of new business areas in consideration of Maintaining existing customers and acquiring new customers
    • The sales and growth potential with new customers lies in the assessment of existing IT security solutions. Regardless from whom the above technologies were acquired, partners can acquire new customers through Picus Security.
    • The revenue and growth potential with existing customers lies in the assessment of existing IT security solutions. Because existing customers use the above technologies, the chances of cross-selling sales with Picus Security are very attractive.
    • Once an assessment has been completed, further services such as "Security GAP analyses" can be offered as optimization measures.
  • Benefits of a partnership with ectacom

    • ectacom is a business development distributor specialized in CyberSecurity.
    • ectacom offers sales and technical expertise to significantly reduce the time required for partner training.
    • ectacom provides partners with experienced business development managers, technical architects, consultants, and marketing experts for Picus Security.
    • Together with partners and vendors, ectacom develops targeted marketing campaigns for existing and new customers of Picus Security.

Do you have questions about Picus?

Contact us:
Tel. +49.8102.8952-0

Or write to us:

Further Informations:

For more information, visit
the Vendor’s website:

Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn
Germany

ECTACOM Vienna

ectacom GmbH
Am Europlatz 2
A-1120 Wien
Austria

ECTACOM POLAND

+48 501 295 580
This email address is being protected from spambots. You need JavaScript enabled to view it.