BAS is an advanced security testing method. It is designed to determine whether an organisation’s existing security controls detect and respond to attacks as they should, in order to improve the organisation’s security posture.
Some of the BAS Platforms are:
The diagram below shows where attacker behaviour seen during intelligence analysis is executed in the BAS tool and the response is observed by the operators for security gap analysis.
BAS tools assist with gap analysis by continually conducting full attack-cycle simulations against the enterprise infrastructure, mainly using the MITRE Framework. This testing is usually carried out by the purple team as part of the ‘threat-informed defense’ strategy, which consists of 3 elements:
The purple team maximises defensive capabilities to protect the most critical assets by coordinating and coupling the activities of the red and blue teams.
Two well-known use cases are:
This use case validates your organisation’s existing security control policy to ensure it was deployed properly. The process includes selecting existing individual security controls for your asset, creating or reusing BAS unit test templates to run against the target controls, executing those tests and analysing the results.
To validate: security controls, operating system policy and other native controls. QA testing for gap analysis can be applied to:
Below is an example AttackIQ result from a purple team exercise using a BAS tool and the MITRE Framework. AttackIQ is a security optimisation platform that provides automated security control validation.
Finally, mitigate and revalidate control gaps!
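The analyse, mitigate and revalidate steps described above can be sketched as a small gap-analysis script. This is an added example, not output or code from AttackIQ or any other BAS platform: the record layout, control names and both result sets are constructed, and the technique IDs are MITRE ATT&CK identifiers chosen for illustration.

```python
from collections import defaultdict

# Outcome strength: a test passes when the observed outcome is at least as
# strong as the outcome the control's policy is expected to produce.
RANK = {"missed": 0, "detected": 1, "prevented": 2}

# Constructed sample records, one per BAS unit test (not real tool output):
# (control, technique, expected outcome, observed outcome)
RUN_1 = [
    ("EDR", "T1059.001", "prevented", "prevented"),
    ("EDR", "T1003.001", "prevented", "detected"),
    ("Email gateway", "T1566.001", "prevented", "prevented"),
    ("Network IDS", "T1021.002", "detected", "missed"),
    ("Network IDS", "T1071.001", "detected", "detected"),
]
# The same tests re-run after mitigation (constructed).
RUN_2 = [
    ("EDR", "T1059.001", "prevented", "prevented"),
    ("EDR", "T1003.001", "prevented", "prevented"),
    ("Email gateway", "T1566.001", "prevented", "prevented"),
    ("Network IDS", "T1021.002", "detected", "missed"),
    ("Network IDS", "T1071.001", "detected", "detected"),
]

def find_gaps(run):
    """Return {(control, technique): (expected, observed)} for failed tests."""
    gaps = {}
    for control, technique, expected, observed in run:
        if expected not in RANK or observed not in RANK:
            raise ValueError(f"unknown outcome in test {control}/{technique}")
        if RANK[observed] < RANK[expected]:
            gaps[(control, technique)] = (expected, observed)
    return gaps

def coverage(run):
    """Return {control: (passed, total)} so weak controls stand out."""
    gaps, tally = find_gaps(run), defaultdict(lambda: [0, 0])
    for control, technique, _, _ in run:
        tally[control][1] += 1
        tally[control][0] += (control, technique) not in gaps
    return {c: tuple(v) for c, v in tally.items()}

def revalidate(before, after):
    """Split the first run's gaps into (closed, still_open) after the re-run."""
    old, new = find_gaps(before), find_gaps(after)
    return sorted(set(old) - set(new)), sorted(set(old) & set(new))

if __name__ == "__main__":
    print(coverage(RUN_1))
    print(revalidate(RUN_1, RUN_2))
```

A control that detects where its policy says it should prevent is counted as a gap, which is the kind of misdeployment the control-validation use case is meant to surface.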