Booz Allen Launches SnapAttack™, a Cloud-Based Purple Teaming Platform

Rhea-AI Summary

Booz Allen Hamilton has launched SnapAttack™, a cloud-based software solution for unifying threat intelligence and hacker detection. This tool facilitates collaboration between red and blue teams, enhancing their ability to detect and respond to sophisticated cyber threats. Notably, it addresses issues like alert fatigue faced by cybersecurity analysts, who reportedly receive over 5,000 alerts daily. SnapAttack allows teams to centralize offensive tradecraft, improve detection with existing tools, and measure risk effectively. The platform is continuously updated with the latest attack techniques.

Positive
  • Launch of SnapAttack™, enhancing collaboration between red and blue teams.
  • Addresses alert fatigue in cybersecurity teams, improving efficiency.
  • Utilizes over 1,000 cataloged attacks, increasing readiness against threats.
  • Continuous updates to attack techniques enhance threat detection capabilities.
Negative
  • None.

MCLEAN, Va. -- Booz Allen Hamilton (NYSE: BAH) announced today the availability of SnapAttack™—a cloud-based software solution that brings together actionable threat intelligence and hacker detection. By unifying the security lifecycle into a single solution, SnapAttack enables red and blue teams to work together, emulating attacks from intelligence data, sharing insights of malicious behavior, and developing vendor-agnostic behavioral detection analytics to stop advanced adversaries.

Today’s red and blue teams use multiple, siloed products for key functions like threat intelligence, incident detection and response, breach and attack simulation, and continuous monitoring, causing them to struggle to keep up with the latest threats and attack methods. Compounding the issue, cybersecurity analysts experience alert fatigue from the high volume of alerts they receive, many of which are false positives. In fact, 93 percent of organizations reportedly receive more than 5,000 alerts per day, but on average, security teams only investigate 51 percent of these alerts.

“We built SnapAttack to satisfy a critical need to help our own red and blue teams collaborate more effectively. This approach continually increases our confidence in detecting sophisticated threats through threat hunting and improving our defenses in support of clients worldwide,” said Garrettson Blight, Booz Allen’s Director of Dark Labs. “We’re now offering this product, born out of Booz Allen’s expertise in commercial and nation-state-level cyber operations, to help our clients do the same.”

As a cloud-based software solution, SnapAttack is always up to date. New attack techniques and analytics are regularly pushed to subscribers, but advanced teams can harness the full power of the platform to create their own attack techniques and analytics based on internal threat intelligence.

With SnapAttack, security teams can:

  • Centralize Offensive Tradecraft: Capture and organize the latest adversary tradecraft—from their own internal threat data or Booz Allen’s ever-growing attack database—in an easily digestible and actionable way. This helps security teams gain confidence in their organization's ability to prepare for, prevent, and detect emerging threats. Today, there are more than 1,000 attacks catalogued in the SnapAttack database—and counting.
  • Improve Detection with Existing Tools: Use Booz Allen’s advanced analytic builder to create, test, and deploy high-quality behavioral analytics for their existing security tools. Reduce the time and skill level needed to create new detection logic that has higher confidence and lower false positives, and is more robust to attack variants.
  • Measure and Reduce Risk: Validate their security controls—such as antivirus, endpoint detection and response, and custom security information and event management (SIEM) alerts—against true positive attacks, mapped to the industry standard MITRE ATT&CK® framework. Track detection coverage and gaps, and gain quantifiable evidence of a program’s effectiveness.

“SnapAttack addresses the needs of CISOs and SOC leads to deploy proactive, preventive security measures that continuously test cyber defenses to get ahead of attacks by identifying and addressing potential vulnerabilities and control gaps before the adversary can,” said Brad Medairy, a Booz Allen Executive Vice President and leader of the firm’s cybersecurity and engineering business. “This tool is a culmination of years of offensive and defensive cyber operations experience – consistently defeating advanced persistent threats.”

Designed to improve the detection of malicious behavior at the endpoint, SnapAttack supports the top endpoint detection and response (EDR) vendors in the marketplace. To learn more about SnapAttack or request a demo, visit: https://www.boozallen.com/s/product/snapattack.html.

To learn more about Dark Labs, Booz Allen’s elite team of security researchers, analysts, and scientists, visit: https://www.boozallen.com/expertise/cybersecurity/dark-labs.html.

About Booz Allen

For more than 100 years, military, government, and business leaders have turned to Booz Allen Hamilton to solve their most complex problems. As a consulting firm with experts in analytics, digital, engineering, and cyber, we help organizations transform. We are a key partner on some of the most innovative programs for governments worldwide and trusted by their most sensitive agencies. We work shoulder to shoulder with clients, using a mission-first approach to choose the right strategy and technology to help them realize their vision. With global headquarters in McLean, Virginia and offices worldwide, our firm employs nearly 27,200 people and had revenue of $7.5 billion for the 12 months ending March 31, 2020. To learn more, visit BoozAllen.com. (NYSE: BAH)

Contacts

Media Relations: Joseph Campbell, Campbell_Joseph@bah.com, 703-377-4422
Investor Relations: Rubun Dey, Dey_Rubun@bah.com, 703-377-5332

FAQ

What is SnapAttack™ by Booz Allen Hamilton?

SnapAttack™ is a cloud-based software solution designed to unify threat intelligence and hacker detection, enabling effective collaboration between security teams.

How does SnapAttack™ address alert fatigue in cybersecurity?

SnapAttack™ improves the efficiency of cybersecurity teams by addressing the issue of alert fatigue, allowing teams to manage and investigate alerts more effectively.

What organizations can benefit from SnapAttack™?

Organizations seeking to enhance their cybersecurity measures and improve detection capabilities can benefit from SnapAttack™, especially those dealing with high volumes of security alerts.

What are the main features of SnapAttack™?

SnapAttack™ features include centralizing offensive tradecraft, improving detection with existing tools, and enabling effective risk measurement against cybersecurity threats.

When was SnapAttack™ launched by Booz Allen Hamilton?

SnapAttack™ was announced and launched on the date of the press release, which was in October 2020.
