After successfully developing a custom-built cyberattack and defence simulation environment to train its ethical hacking and security analytics teams, Help AG, a leading information security services, consultancy and solutions provider in the Middle East, announced it will leverage this platform to deliver its new ‘Red Team/Blue Team Simulation’ service.
A first in the region, this service simulates attacks on the network, operating system (OS) and web-application layers, enabling IT professionals to train in defence scenarios that accurately mimic key real-world threats.
Explaining the need for organisations to provide their cybersecurity teams with hands-on cyberdefence training Mukhammad Khalilov, Manager Security Analysis at Help AG, said: “In case of cyberattacks, rapid response is vital to mitigating the impact, protecting sensitive data and ensuring business continuity. Our new service delivers the most comprehensive preparation so that in the event of an attack, rather than being overwhelmed, security teams know exactly what to do and can take immediate and definite action to protect their networks.”
Prior to execution of the Red Team/Blue Team Simulation service, Help AG will conduct a comprehensive review of the customers’ security posture by assessing the technical capabilities of their in-house IT team, analysing the security solutions deployed and the related security policies.
This will be followed by in-depth technical training sessions and hand-on exercises in which up-to seven trainees test their cyberdefence capabilities against Help AG’s ethical hacking experts.
Khalilov stated that the entire process can be completed within approximately four to five man-days depending on the type of security training required.
The company has invested over six months in building its cyberdefence lab for research and development for the latest hacking exploitation and prevention techniques and has extensively utilised the infrastructure for internal trainings.
This environment is capable of simulating attacks on web servers, VoIP servers, Linux services, databases and over 25 systems-based vulnerabilities and provides trainees with defence solutions from leading vendors including F5 Networks, Palo Alto Networks, Symantec, Infoblox, Carbon Black, Splunk and others.
“This service has evolved out of our extensive experience in ethical hacking which has enabled our team to publish over 60 zero-day vulnerabilities in solutions from leading technology vendors. As a natural progression and extension of our penetration testing service, we are excited to now equip our customers with the hands-on experience they need to effectively detect and mitigate cyber threats,” said Khalilov.