Attending Splunk .conf21? Join us for our session, Tips from the Trenches: Practical Search and Response to Stop Ransomware with Splunk. Learn More ➞

New in GreyMatter: Industry-Leading Security Measurement and Security Controls Validation

Today we’re introducing a new set of capabilities in our GreyMatter Open XDR-as-a-Service platform that allow security leaders to track, act on, and communicate security metrics across their programs and enable operations teams to validate security controls to ensure preparedness and resiliency. These new features address some of the most critical challenges in security programs: the lack of visibility into current state, difficulties measuring and reporting progress, and the inability to be prepared for the next attack.

The new enhancements to GreyMatter address these issues, enabling security leaders to not only gain situational awareness but also close the communications gap with the business and validate their security controls so they are prepared for the next attack without needing specialized skills or incurring additional costs. The key capabilities are:

Security Metrics

Drawing from extensive experience working with security leaders at global organizations for over a decade, we have identified key metrics to help security leaders understand their posture and take actionable next steps. We formerly delivered these measures, via the Security Model Index, only during quarterly Executive Business Reviews (EBRs). Now, these key, business-ready metrics, are baked into the GreyMatter platform, giving leaders real-time views into critical areas of security operations and practices. With that greater visibility, they can understand the impact of processes, team efficiencies, and coverage gaps and prioritize actions and responses to reduce risk. All of these metrics are benchmarked against previous quarters and industry peers, giving insights into how the program is performing comparatively and how it is maturing over time.Screenshot of GreyMatter Security Model Index

Attack and Breach Simulation

Verify is ReliaQuest’s automated breach and attack simulation capability. It allows security operations teams to simulate breaches and identify gaps by mimicking the likely attack paths and techniques used by bad actors. With Verify, customers get fully packaged and field-tested scenarios that operators can run, on-demand or continuously, and get results immediately. Frequent updates to attack scenarios based on the latest threat intelligence help identify risk areas and help teams be better prepared for specific attacks. Scheduled, ongoing simulations provide continuous analysis for faster recognition of missing data or configurations that would impair security tools from detecting and responding to threats.

Screenshot of Greymatter Verify capability

The goal of GreyMatter is to help improve security operation efficacies, reduce complexity and streamline operations so you can manage risk and protect your assets better. Based on our experiences with customer environments and our close collaboration, we have identified key capabilities that help them be more efficient, improve their programs while making best use of their resources and skills.

All these capabilities are now generally available in the GreyMatter platform and customers can start using them today. Ask your Customer Success Manager if you have more questions. If you’d like to know more about these capabilities, request a free demo.

Request a demo of ReliaQuest GreyMatter

Until next time,

Ashok

More Articles

Three Tips on Measuring and Communicating Risk in a Changing Threat Landscape

Amid the current economic and operational volatility, the need for properly measuring and communicating risk has increased. Security leaders are finding themselves in the spotlight more now than ever before, faced with questions and concerns about risk and the security of their organization. What new security metrics can be used to demonstrate an organization is […]

CIS Controls 1-2: Cybersecurity Begins with Knowing What You Have and What You Don’t Need

Organizations struggle to identify and contain a breach. According to Security Intelligence, the average dwell time or “lifecycle” of an organization’s breach detection efforts was 280 days in 2020. This period played into the $3.86 million that organizations spent on average in their data breach recovery efforts for that year. Several factors can affect the time […]

Top 3 Mistakes When Simulating Cyber Attacks

Breach and attack simulation (BAS) offers an efficient way to validate and test security controls, threat detection capabilities, logging levels in an environment, and incident response workflows. Simulating cyber attacks in this manner allows for security teams to proactively identify and remediate gaps; however, if not performed correctly, security teams may end up with a […]