Help Net Security interviews Scott Sutherland, VP of Research at NetSPI. They delve into the intricacies of the Breach and Attack Simulation (BAS) platform and discuss how it offers unique features – from customizable procedures to advanced plays – that help organizations maximize their ROI. Read the preview below or view it online.


Can you provide a high-level overview of NetSPI’s Breach and Attack Simulation platform and what makes it unique?

We deliver a centralized detective control platform that allows organizations to create and execute customized procedures utilizing purpose-built technology and professional human pen-testers. Simulate real-world attack behaviors, not just IOCs, and put your detective controls to the test in a way no other organization can.

Can you speak to how organizations can visualize ROI through the NetSPI platform?

Breach and Attack Simulation solutions should help provide ROI in a variety of ways:

  • BAS solutions should provide data insights into where your detective and preventative control gaps are so you can make intelligent choices about where to invest your security dollars. This should include point-in-time and overtime reporting to justify or validate investments meaningfully. For example, this should include visualizations showing how investments in new data sources can increase alert coverage for common attack behaviors. Another typical example would be visualizing the increase in detection rule coverage results from adding another detection engineer.
  • Recruiting, training, and educating pentest and SOC teams can take time and money. Most BAS tools should include educational material that your teams can use to understand how to execute and detect common attack behaviors within the application. This can save both time and money in the long run.
  • There are hundreds, if not thousands, of hacker tools. Researching, installing, and running them to simulate the newest malicious behavior can be time-consuming and risky if the mechanisms are better understood. BAS solutions can take that off your team’s plate so they can focus on doing the job of simulation, detection engineering, and control validation/tuning.
  • Finally, tracking the average ransomware trends can help people estimate the potential cost of the ransomware incidents that BAS solutions are designed to help prevent and detect.

Continue reading at