Having good security is of utmost importance, specially because we rely so much our technology. What better way to test out the safety of your network than to breach it yourself? Guardicore Labs has developed one such cyber-security tool called Infection Monkey that simulates that and more.
It is an open-source breach-and-attack simulation (BAS) tool for testing networks against attackers and internal server infections. This means that it analyzes your network as if it were an attacker, detects weak spots and other vulnerabilities, and generates a detailed report. It is also non-intrusive which doesn’t have an impact on your network.
— Guardicore (@Guardicore) October 10, 2019
How does it work?
The simulation starts at a random location in your network and it self-propagates within the system like a virus. When it does, it identifies and visualizes attacking paths in your network. It then reports all the information to a centralized server called Monkey Island. In turn, this server controls and visualizes the Infection Monkey’s progress inside the data center.
The Infection Monkey helps you verify the security on your network, achieving full network coverage. It uses several methods to reach the attack capabilities. SambaCry, Shellshock, and Elasticsearch Groovy are just a few of the capabilities available.
Along with these attacking features, it also has detection capabilities. Some of the propagation techniques are credential analysis, alerts on cross segment traffic, and tunneling. In addition, the Infection Monkey recently added the Zero Trust evaluations as an extension of it.
The Industry's 1st #ZeroTrust Assessment Tool is NOW AVAILABLE for download! Never Trust, Always Verify with @Guardicore #InfectionMonkey – Get it Here: https://t.co/2LRJh7x1mJ #BAS #networksecurity pic.twitter.com/tMYN3D81RI
— Guardicore (@Guardicore) October 17, 2019
With this, you will be able to test all of your environments performing against a Zero Trust security posture and get a detailed report. The Infection Monkey is totally free so you can fill out their form to get their download link. To start using it, check out their quick guide on how to get started.
YouTube: Guardicore Infection Monkey Installation