We are proud to announce that SCYTHE has been recognized as a 2020 Innovators' Showcase Honoree! Each spring, the Intelligence and National Security Alliance (INSA) and the Intelligence and National Security Foundation (INSF) partner with ODNI to create a forum through which industry and academia can share their research and development projects with key government Science and Technology (S&T) and procurement officials.
SCYTHE was selected as a 2020 Honoree for its innovation and forward thinking in cyber and the abstract submission: Intelligent Automated Threat Emulation. The challenge with cybersecurity is that we have no way to empirically measure its efficacy. There are opinions and lab tests, but exploitation and breaches continue unabated because they are approximations within an infinite knowledge base: we repeatedly learn yesterday to get to tomorrow. Furthermore, the greatest surface area risk is rarely measured or included: people, the employees that regularly use the computers and degrade (or support) the defensive controls that are in place. Only by measuring defensive technology, the users, and the defensive staff together can we get a realistic understanding of contextual operational risk. Our hypothesis is that an attacker can be represented across a finite space post-breach: communications, finite methods for command and control (C2); capabilities, attackers repeat a limited set of actions. The SCYTHE Platform also includes a Threat Automation language which allows operators to make robust, reusable, and flexible custom adversaries in a portable fashion; creating the possibility of write-once and run-anywhere threat templates. Looking forward, Threat Automation can be driven by a combination of external threat intelligence, internal use of SCYTHE to determine which steps work and vulnerabilities are exposed, and the synthesis of data by Machine Learning; to provide tomorrow’s threats, today.
The SCYTHE platform provides an advanced attack emulation platform for the enterprise and cybersecurity consulting market. The SCYTHE platform enables Red, Blue, and Purple teams to build and emulate real-world adversarial campaigns in a matter of minutes. Customers are in turn enabled to validate the risk posture and exposure of their business and employees and the performance of enterprise security teams and existing security solutions.
Congratulations to the engineering team who have been the driving force behind this effort! SCYTHE is dedicated to advancing the national security mission to protect citizens everywhere and we look forward to future opportunities to work with our government partners.