Skip to content
    Search

    HOW SAFEBREACH Increased Visibility and Gained Control Over Their Assets With AXONIUS.

     

     
    safebreach-logo_2022

    A pioneer in breach and attack simulation (BAS), SafeBreach is the world’s most widely used continuous security validation platform. Born in 2014, the company’s award-winning BAS solution enables modern enterprises to continuously and safely execute attacks, validate and optimize the efficacy of their security controls, and prioritize remediation efforts to mitigate their most critical gaps before a breach occurs.

    Key Challenges

    • Limited visibility of assets
    • Needed full control of AWS accounts
    • Inability to clearly understand IT environment
    Solution

    Axonius Cybersecurity Asset Management
    Results

    After implementing Axonius, SafeBreach now has control over its assets and knows exactly what it has, allowing the company to advance the state of its security program. By identifying unused assets, SafeBreach reduced spend, increased optimization, and maximized ROI.

    IDENTIFYING THE RIGHT SOLUTION

    You can’t secure what you don’t know or see. SafeBreach, a global breach and attack simulation cybersecurity company, had limited transparency into its devices. Without full visibility into the company’s data and computing assets, there was no way to secure SafeBreach’s infrastructure.

    “We couldn’t get visibility or a really good handle on where all the assets are. Native tools just aren’t enough. Axonius really simplified the whole process of discovering and now managing our inventory and assets.”

    — Avishai Avivi, CISO at SafeBreach

     

    SafeBreach is a cloud-first company, with almost all of its infrastructure based on AWS Cloud. As a result, it was easy to bring on more assets, compute, and storage – and before long, its infrastructure became a “spaghetti of resources” that IT and security teams had no visibility into. 

    “The solution I was looking for is something that would be able to automatically look at my environment, make sense out of it, and give me an organized set of assets that I can now look at and manage appropriately,” said CISO Avishai Avivi.

    Avivi knew that SafeBreach needed to mitigate risk before it was too late. So he started reaching out to peer CISOs to discover what asset management solutions might meet their needs. That’s when he discovered Axonius.

    SIFTING THROUGH THE “SPAGHETTI OF RESOURCES”

    By this point, SafeBreach was experiencing issues daily. For instance, employees would need an IP address but wouldn’t be able to track a machine down because they wouldn’t know the account or region. There was no way to get a quick answer – everything required sleuthing, and troubleshooting became a major chore. 

    Ironically, these issues were happening because of SafeBreach’s success. Organic growth led to organic byproducts of growth. Thus, the “spaghetti of resources” was created. It was impossible to know what was going on, much less what assets were actually being used or what could be trimmed. 

    I did a proof of value with Axonius and the process was ridiculously easy,” said Avivi.

     

    Aggregating different AWS accounts was impossible before Axonius. “We had 5-7 AWS accounts where the DNS entries would be in one account but the machines sat in another account,” said Avivi. “These could also be sitting in multiple regions – figuring this out would have taken us so much longer before. Axonius makes it easy, where all I need to do is write the right query and I see everything in one table, rather than having to chase different accounts, instances, and regions.” 

    After hearing about Axonius at a dinner of other CISOs, Avivi took the plunge. He picked Axonius because he knew other solutions wouldn’t meet his needs. “Just seeing the first couple of adapters be installed and immediately seeing results was a great selling point. Because the deployment process was so simple, I didn’t need a lot of training and became self-sufficient fairly quickly.”

    INCREASING VISIBILITY WITH AXONIUS

    SafeBreach purchased Axonius directly through the AWS Marketplace – which made the process simpler and faster. “As an added bonus, we were able to get AWS credits towards our purchase. So easy, fast, and a lower cost. I mean, it can't get much simpler than that,” said Avivi. 

    The company now has the ability to audit users, get notified when new devices and IPs enter the network, and can automatically scan them for vulnerabilities. For instance, a scanner alerted the team that an asset had 10 critical vulnerabilities – and Avivi knew that this didn’t sound right. Axonius helped SafeBreach verify that this asset had dropped off, but this wasn’t yet reflected in the scan.

    “In a matter of minutes, we got the report, ran a query, and knew it wasn’t an issue. Before, this would have taken another half hour to figure out where that asset is, especially since it's no longer in one of our environments. Axonius helped us reduce the level of alarm and verify that we needed to take action to remove that IP from being scanned again later.”

    This is the value SafeBreach realizes from using Axonius: increased visibility and a real-time view of the company’s assets, devices, and users. But that’s not the only use case. The company soon realized Axonius was helpful in discovering offboarding variances. They then started looking for more use cases Axonius could support and realized that there’s a lot of synergy between Axonius and the SafeBreach platform. 

    So they started developing an Axonius adapter for SafeBreach. “Understanding what environments are covered by the SafeBreach platform is a huge benefit for customers with very complex environments,” says Avivi. “They might not even be aware of environments that aren’t being tested properly in their current security validation platform.”

    Avivi no longer feels like SafeBreach doesn’t have control over its assets. “I know exactly what I have. I know that Axonius will be aware of and report on any new asset that gets added or any assets that drop off.” SafeBreach now has full visibility and control over its AWS environment, from compute to storage to the user point of view.

    “If you need an asset management solution that can help you discover and manage your environment, I honestly cannot think of a better solution than Axonius. One of the reasons that I'm giving this testimonial is because of how Axonius has helped SafeBreach advance the state of our security program. If any of my peers asked me for my thoughts, Axonius would be my solid recommendation. It's a tool that just works.

    STREAMLINING SAFEBREACH’S SECURITY POSTURE WITH AWS AND AXONIUS

    The Axonius and AWS partnership provides joint customers like SafeBreach a more efficient approach to managing their ever-evolving cloud infrastructure and related security posture.

    With the AWS and Axonius integration, customers can correlate AWS services, such as vulnerability findings from GuardDuty and security control insights from SecurityHub, with other IT and Security solutions to reduce their attack surface as they move more assets into the cloud. This integration delivers extended visibility and intelligence around security control coverage across AWS assets and provides deeper context to help customers understand whether AWS assets meet company policies and align with security best practices.

    As an AWS partner, Axonius integrates with many AWS services, including Macie, SecurityHub, GuardDuty, and Inspector, to help customers mitigate threats, navigate risk, decrease incident response time, automate action, and inform business-level strategy.

    See the Platform

    See the Axonius Platform for yourself with an interactive product tour, where we'll guide you through key applications of our Cybersecurity Asset Management and SaaS Management solutions.

    Book a Demo

    Request a demo to learn how the Axonius Platform provides a system of record for all digital infrastructure helping IT and security teams manage an always-expanding sprawl of devices, users, software, SaaS applications, cloud services, and the tools used to manage and secure them.