QA Financial Forum London | 11 September 2024 | BOOK TICKETS
Close this search box.

New simulation tool helps smaller finance firms to spot attacks

Carl Wright
Carl Wright

Testing solution provider AttackIQ has developed and launched a new solution that is aimed at testing for potential flaws and to spot cyberattacks better, primarily in the digital infrastructure of smaller finance firms.

The company told QA Financial that its new breach and attack simulation (BAS) solution, AttackIQ2.0, relies entirely on automated and on-demand adversary emulation testing, enhancing financial services firms’ ability to improve their cyber defence capabilities.

Carl Wright, the Montana-based chief commercial officer at AttackIQ, stressed that continuous security control validation is vital to maintain an agile defence stance.

However, he did stress that many smaller financial services firms, such as modestly sized asset managers or investment consultancies, find consistent and extensive testing challenging because of budget and staffing considerations.

“I reject the idea that proactive continuous security validation of an organisation’s cyber defences is too expensive.”

Carl Wright

AttackIQ’s new solution, however, is designed to support such organisations, helping them establish “a robust, threat-informed defence, regardless of their size or staffing capabilities,” as Wright put it.

He rejected the notion that continuous security control validation is a luxury beyond the reach of many.

“No, I reject the idea that proactive continuous security validation of an organisation’s cyber defences is too expensive. Every finance firm, regardless of size or expertise, can achieve a robust, threat-informed defence,” Wright stated.

2.0 platform

When asked to explain the new solution, Wright went on to point out that AttackIQ’s new 2.0 platform offers a range of testing features.

Firstly, its integration with Flex, extending testing reach through a simplified user experience, “which in turn enables security and testing teams to readily expand insights into their security posture and controls effectiveness,” he explained.

In addition, Wright singled out testing on-demand, added customisation, detection validation, comprehensive reporting, an extended test library, and benchmarking.

“Through these enhancements, organisations can more accurately test their defences against up-to-date threats,” he continued.

“This includes CISA alerts and comparing their score to others through the same security validation tests, thereby enabling more data-driven decisions,” Wright concluded.

Stay up to date and receive our news, features and interviews for free

Our e-newsletter lands in your inbox every Friday. Sign up HERE in one simple step.


DO NOT miss our upcoming Financial Forum in New York City.