Crossbow offers live fire cybersecurity vulnerability testing

The vulnerability assessment platform is one of the most realistic tools, but also one of the most dangerous, that CSO has ever reviewed.

Sometimes the best defense is a good offense. That was the philosophy behind the SCYTHE security company’s efforts to create the Crossbow vulnerability assessment platform. Deployed either as software as a service (SaaS) or through an on-premises installation, Crossbow is a virtual threat sandbox, allowing administrators to load up and deploy actual historical attacks like WannaCry, Goldeneye or Haxdoor, or create new threats from scratch. Once loaded or created, those attacks can be sent against a protected network to probe for any vulnerabilities.

Crossbow is perhaps one of the most dangerous defensive programs that CSO has ever reviewed. All of the attacks that it can load or create are real, using actual techniques and tactics that have historically broken through cybersecurity defenses at many organizations. Only the payload is neutered, and even then, that part is optional. This makes Crossbow one of the most realistic tools out there for assessing, testing and managing vulnerabilities. To put it in perspective, Crossbow is much more akin to a live fire exercise in the military than a simulation, because the virtual threats Crossbow fires are real.

The engineers at SCYTHE created Crossbow to test three legs of cybersecurity defenses that exist at almost every organization: employees, security products and the IT staff. Campaigns can be crafted to test individual defenses, such as sending a phishing attack against employees to see how they react, or implanting a corrupt agent on a client machine using administrator credentials – to simulate a compromised admin account – and seeing how long it takes IT teams to notice and react. Because Crossbow provides real-world attack tools, simplified in an easy-to-use interface, campaigns can be created to test, and hopefully strengthen, any aspect of an organization’s cybersecurity.

The main interface of Crossbow most resembles a do-it-yourself malware attack kit, like the kind you might find or purchase on the dark web. But most of those only offer one or two attack methods. Crossbow seems to cover every vulnerability that can be used to infiltrate a network or compromise a host, and you can mix and match them as desired. When using a historical campaign, a couple of clicks is all that is required to arm it.
