SnapAttack, a cybersecurity firm, announced the launch of its Community Edition, a free-of-charge, open platform that gives threat intel analysts, red teams, detection engineers and threat hunters an operational platform to accelerate the maturity of security operations.
Additionally, in support of improving the world’s security, SnapAttack is releasing immediately actionable content corresponding to the latest threats from Russia, including HermeticWiper, IsaacWiper, HermeticRansom and WhisperGate. This content is available within the Community Edition.
It includes four attack sessions showing the actual real-world kill chain and nine detection analytics designed to pinpoint this specific adversary tradecraft within users’ environments.
Community Edition members will have access to the full-featured, core components of the SnapAttack platform, allowing them to share actionable threat intelligence data and create vendor-agnostic detection analytics. Community members vetted and approved by SnapAttack will be given content authorship privileges, allowing them to develop and disseminate actionable content to all community users. The new feature also includes access to open-source content from popular community tools, such as Atomic Red Team and Sigma, and will continue to expand over time. The Community Edition is a permanent platform feature that will be forever free as part of SnapAttack’s commitment and core mission to help improve security writ large.
“We can’t overstate the Community’s power to accelerate SecOps maturity across all organisations,” said Peter Prizio, Chief Executive Officer at SnapAttack. “With our Community strategy, our customers will benefit from thousands of security researchers and content engineers, crowdsourcing the hard work of keeping up with the latest threats – including state-sponsored attacks stemming from current and future geopolitical conflicts. We believe that hope is not a strategy and that threat detection analytics must be proven to be reliable. Our team of researchers and curators will work to ensure all community-published content meets our stringent requirements on quality, accuracy and precision.”
Threats from cybercriminals and nation-state actors continue to escalate. Yet intel analysts, threat hunters and Security Operations Centres (SOCs) struggle to keep up with the latest threats because the volume is too high and the resources for those who build detections are too scarce. Community users will have the ability to engage with over 700 pieces of curated threat intel, 400 attack sessions simulating real-world attacks like ransomware, and over 2,200 proven detection analytics that can be directly deployed to other security tools in Community users’ environments. In addition, users will be able to access:
- SnapAttack’s proprietary attack session capture tool, which enables security testers to create attack session snapshots that enable the company’s no-code detection engineering platform.
- A base content pack of Russia/Ukraine adversary tradecraft. New tactics, techniques and procedures (TTPs) and malware variants will be added as they are identified.
- Opportunities to take security to the next level through subscription packages that provide additional features such as deeper tool integrations, advanced reporting and exclusive subscription-only content on the latest threats.