Cymulate Cyclone enables pen-testing service providers to craft, automate and deliver purple teaming exercises that help their customers actively protect their network. Cyclone-based services optimize SOC detection capabilities, hone threat hunting skills and improve incident response processes.
Building upon the success of the Purple Team module for enterprise, Cymulate Cyclone is an exclusive offering for security service providers. It is a highly customizable, automated, template-driven purple teaming platform that leverages and scales pen-testing expertise. Unlike traditional automated pen-testing solutions that only offer the adversary perspective, Cymulate Cyclone integrates with security controls to also provide the defender’s findings and correlates them with attacker actions. The platform’s rich repository of attack resources and scenarios provides immediate value out of the box. To boost productivity, it automates repetitive efforts and gives expert pen testers the means to craft sophisticated and unique purple team exercises and scenarios that can be automated and reused. This empowers junior team members and frees the experts to focus on more demanding activities.
Service Offerings Include
Craft, automate and launch attack scenarios
Correlate security-control findings and validate their effectiveness
Detection and prevention
Containment and mitigation
Artifact gathering and cyber forensics
Detection and alerting efficacy
Mean time to detect
Mean time to response
*Auto-correlate security-control findings to attacks
*Auto-generate reports mapped to MITRE ATT&CK®
*Easily generate Sigma rules with the platform based on findings
*Export findings to MITRE ATT&CK Navigator
Automation and granular customizability help to capture and scale existing expertise. Expert pen testers and red teamers can create reusable and modifiable template-based assessments, with the flexibility to focus on a specific stage of an attack or recreate a full kill chain APT scenario. These are shareable and can be reused in different service offerings and customer engagements by pen-testing team members of all skill levels. Templates can be used to create and automate routine and baseline assessments for additional efficiencies. Cyclone customizability provides full transparency to modify execution syntax, inputs, outputs, dependencies, and success factors. Cymulate Cyclone reporting provides a wealth of information, including mapping to MITRE ATT&CK TTPs, execution code, success indicators and output, IOCs, detection, and mitigation guidance.
Operationalize Threat Intelligence & the MITRE ATT&CK framework
[Diagram; labels: MITRE ATT&CK Implementation, Threat Intelligence Assessments, Custom Scenarios, Security Infrastructure, SOAR, Findings via API, Portal, IoCs and IoBs, Mitigations Guidance]
Product Features
*Fully aligned to the MITRE ATT&CK framework for the creation, execution, and analysis of assessments
*Comes loaded with a rich repository of resources, including out-of-the-box assessment templates, executions, payloads, tools, and Sigma rules
*Upload or create your own templates, assessments, payloads, executions, tools and Sigma rules
*Create and modify executions in Bash, PowerShell, CMD, Python and more
*Auto-correlate security-control findings to attacks via API integrations with security controls
*Executive and technical reports generated after each assessment for efficient and comprehensive customer reporting
*Automate and schedule assessments
*Full support of Windows, macOS, and Linux operating systems