- Axonius Federal Systems
A pioneer in breach and attack simulation (BAS), SafeBreach is the world’s most widely used continuous security validation platform. Born in 2014, the company’s award-winning BAS solution enables modern enterprises to continuously and safely execute attacks, validate and optimize the efficacy of their security controls, and prioritize remediation efforts to mitigate their most critical gaps before a breach occurs.
You can’t secure what you don’t know or see. SafeBreach, a global breach and attack simulation cybersecurity company, had limited transparency into its devices. Without full visibility into the company’s data and computing assets, there was no way to secure SafeBreach’s infrastructure.
SafeBreach is a cloud-first company, with almost all of its infrastructure based on AWS Cloud. As a result, it was easy to bring on more assets, compute, and storage – and before long, its infrastructure became a “spaghetti of resources” that IT and security teams had no visibility into.
“The solution I was looking for is something that would be able to automatically look at my environment, make sense out of it, and give me an organized set of assets that I can now look at and manage appropriately,” said CISO Avishai Avivi.
Avivi knew that SafeBreach needed to mitigate risk before it was too late. So he started reaching out to peer CISOs to discover what asset management solutions might meet their needs. That’s when he discovered Axonius.
By this point, SafeBreach was experiencing issues daily. For instance, employees would need an IP address but wouldn’t be able to track a machine down because they wouldn’t know the account or region. There was no way to get a quick answer – everything required sleuthing, and troubleshooting became a major chore.
Ironically, these issues were happening because of SafeBreach’s success. Organic growth led to organic byproducts of growth. Thus, the “spaghetti of resources” was created. It was impossible to know what was going on, much less what assets were actually being used or what could be trimmed.
Aggregating different AWS accounts was impossible before Axonius. “We had 5-7 AWS accounts where the DNS entries would be in one account but the machines sat in another account,” said Avivi. “These could also be sitting in multiple regions – figuring this out would have taken us so much longer before. Axonius makes it easy, where all I need to do is write the right query and I see everything in one table, rather than having to chase different accounts, instances, and regions.”
After hearing about Axonius at a dinner of other CISOs, Avivi took the plunge. He picked Axonius because he knew other solutions wouldn’t meet his needs. “Just seeing the first couple of adapters be installed and immediately seeing results was a great selling point. Because the deployment process was so simple, I didn’t need a lot of training and became self-sufficient fairly quickly.”
SafeBreach purchased Axonius directly through the AWS Marketplace – which made the process simpler and faster. “As an added bonus, we were able to get AWS credits towards our purchase. So easy, fast, and a lower cost. I mean, it can't get much simpler than that,” said Avivi.
The company now has the ability to audit users, get notified when new devices and IPs enter the network, and can automatically scan them for vulnerabilities. For instance, a scanner alerted the team that an asset had 10 critical vulnerabilities – and Avivi knew that this didn’t sound right. Axonius helped SafeBreach verify that this asset had dropped off, but this wasn’t yet reflected in the scan.
“In a matter of minutes, we got the report, ran a query, and knew it wasn’t an issue. Before, this would have taken another half hour to figure out where that asset is, especially since it's no longer in one of our environments. Axonius helped us reduce the level of alarm and verify that we needed to take action to remove that IP from being scanned again later.”
This is the value SafeBreach realizes from using Axonius: increased visibility and a real-time view of the company’s assets, devices, and users. But that’s not the only use case. The company soon realized Axonius was helpful in discovering offboarding variances. They then started looking for more use cases Axonius could support and realized that there’s a lot of synergy between Axonius and the SafeBreach platform.
So they started developing an Axonius adapter for SafeBreach. “Understanding what environments are covered by the SafeBreach platform is a huge benefit for customers with very complex environments,” says Avivi. “They might not even be aware of environments that aren’t being tested properly in their current security validation platform.”
Avivi no longer feels like SafeBreach doesn’t have control over its assets. “I know exactly what I have. I know that Axonius will be aware of and report on any new asset that gets added or any assets that drop off.” SafeBreach now has full visibility and control over its AWS environment, from compute to storage to the user point of view.
See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.
Sign-up for a free full-access 30 day trial to learn how Axonius gives IT and security teams a comprehensive understanding of all assets, their relationships, and business-level context including devices, identities, software, SaaS applications, vulnerabilities and security controls, and more.