WHAT IS CYMRIX?
We’re Changing the Way Organizations Defend Against Ransomware
The Cymrix Platform is a comprehensive solution for measuring and enhancing cyber resilience. Through its Breach and Attack Simulation (BAS) capabilities, the platform automatically tests the effectiveness of your organization's prevention and detection tools.
Unlike other platforms, Cymrix was designed through reverse engineering and the de-weaponization of authentic malware samples to safely simulate a ransomware infection on your production network from the perspective of a real-world hacker.
HOW DOES IT WORK?
Utilizing tactics and procedures aligned to the MITRE ATT&CK framework, Cymrix finds and fingerprints internal attack surfaces, identifies exploitable vulnerabilities, incorrect configurations, obtainable credentials, and product defaults from the perspective of a real-world adversary.
Cymrix empowers security teams to identify specific targets exposed to infection allowing them to assess security policies, controls, and solutions stack proactively and in real-time.
Installation
It begins by installing a lightweight agent on “Patient Zero” and then uses the same Adversary Tactics, Techniques, and Procedures (TTPs) that real attackers leverage to compromise environments.
Propagation
As Cymrix moves throughout the network, it tracks and records critical data and systems, sensitive or regulated network segments, and operational single points of failure.
Detailed Reporting
Cymrix’s reporting feature details a step-by-step lateral attack path and provides your organization with a visual roadmap to remediate data separation, network segmentation, and user permissions.
OUR CUSTOM SOLUTION
The Ransomware Impact Analysis (RIA)
Cymrix assists organizations of all sizes in understanding the impact of ransomware on their infrastructures by employing the same tactics, techniques, and procedures of real-world adversaries.
Cymrix discovers attack vectors, validates their efficacy, gives "evidence" to validate each flaw (or chain of weaknesses), enumerates all data and hosts that the threat would potentially compromise and encrypt, and provides remedial instructions to prevent the threat in the future.
Our Ransomware Impact Analysis is a consultative engagement designed to provide you with an actionable depiction of your network if it were compromised by a real ransomware attack. The engagement is delivered in four phases: Training, Impact Analysis, Ransomware Attack Simulation Scenarios, and Reporting.
Training
We educate your team on how typical ransomware gets delivered and spreads
Ransomware Attack Scenarios
We run live-fire simulations on your environment from multiple scenarios and threat models
Impact Analysis
We identify your critical assets and show you how they would be affected in an actual attack
Detailed Reporting
We provide you with precise recommendations to reinforce your security controls and defenses
​
WHY CYMRIX?
A threat-centric approach is essential to making data-driven security decisions.
In the face of ever-changing threats, traditional techniques of analyzing security controls are no longer adequate. Companies need to think like hackers to stay ahead of them. Don't wait for a ransomware attack to happen to your business. Take proactive measures and protect your data today.