UPDATED 09:00 EST / MARCH 12 2018

APPS

GuardiCore updates its free Infection Monkey tool for deeper penetration testing

Israeli cybersecurity startup GuardiCore Ltd. today announced a significant update to its free, open-source security penetration testing tool Infection Monkey, which is used to simulate attacks on data center infrastructure.

Introduced in 2016, Infection Monkey is a “self-propagating” testing tool that information technology teams can use to find weakness in their on-premises and cloud-based data centers.

The tool works by scanning the network for open ports and fingerprinting machines using multiple network protocols. Once it finds a vulnerability in the network, it attacks it using a variety of methods, including password guessing, by drawing on data on the systems it has breached, such as user credentials. Infection Monkey then tries to infect as many machines in the system as possible, in order to highlight how vulnerable they are.

The tool is designed to complement GuardiCore’s deception-based security platform Centra, which works by rerouting suspicious connections to a sandbox where the attacker is allowed to carry out the actions intended against the original target, so that IT teams can learn more about individual threats.

“While traditional testing tools and services offer in-depth, specific assessments of network vulnerabilities, Infection Monkey provides a safe means to conduct continuous testing, giving security professionals a very clear picture of any vulnerability in real time and what to do to fix them,” said Ofri Ziv, head of Guardicore Labs.

Infection Monkey is gaining some new features with its 1.5 release. The most compelling updates are its enhanced platform support, which makes the tool much more useful for enterprises running modern IT environments. The latest version now includes support for the Amazon Web Services, Microsoft Azure and Google Cloud Platform public clouds, as well as Docker containers, which are used by developers to build software applications that can run on any infrastructure.

The new release also covers more security exploits. Infection Monkey can now simulate an attack on hosts using SambaCry and Elastic Search vulnerabilities. It can also attack Windows machines using something called the hash hacking technique.

Other updates include a new user interface that GuardiCore says enables faster deployment and continuous use, as well as a new visual map display that illustrates lateral movement inside the network with details of successful and unsuccessful attack attempts.

Image: GuardiCore

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU