AttackIQ Announces the First Commercial Continuous Security Validation Platform Built on the MITRE ATT&CK Matrix

Enterprises can Rapidly Test Security Stacks to Detect and Block against Adversary Techniques, Tactics and Procedures

SAN DIEGO, CA--(Marketwired - Oct 24, 2017) - AttackIQ™, a leader in the emerging market of continuous security validation, today announced the general availability of its new FireDrill™ platform supporting the MITRE ATT&CK Matrix, a curated knowledge base and model for cyber adversary behavior useful for planning security improvements and verifying defenses work as expected. The first-of-its-kind platform will enable CISOs to more effectively validate security controls and reduce risk by taking an offensive approach to cyber defense. This will give teams a deeper understanding of a potential intrusion chain of events, through attack simulation and the ability to proactively defend against known TTPs.

"AttackIQ's implementation of the MITRE ATT&CK Matrix into the FireDrill continuous security validation platform is encouraging," said Frank Duff, lead for MITRE's Leveraging External Transformational Solutions in Cybersecurity at the MITRE Corporation. "Commercial and Federal government entities alike can gain significant insight into organizational security postures, products and processes by assessing themselves against the known threat. Describing this threat via the ATT&CK Matrix enables a common way of communicating their organization's security, as well as identifying potential weaknesses to enable improvement."

Key Benefits of the Continuous Security Validation Platform built on the MITRE ATT&CK Matrix:

  • Automate time-consuming manual processes
  • Extend the coverage and depth of validation efforts
  • Gain deeper understanding of vulnerabilities and risk
  • Understand the impact of threats to your organization
  • Better protect against potential threats
  • Free up red teams' time to focus on critical priorities

AttackIQ, known for its Offensive Defense strategy, pledges that security teams will find protection failures before the adversary by augmenting red teams with their patented attack simulation platform. This approach gives red teams the ability to provide augmentation to test more; blue teams a continuous security control validation tool to locate problems before attackers do; and incident response teams the ability to exercise "at will" to evaluate performance or identify process gaps. Furthermore, this plan of action gives CISOs constant insight into the effectiveness of the company's security controls and posture.

"AttackIQ and the MITRE ATT&CK framework provides us with a unique insight into our security controls and maturity," said Stuart McIntosh, Security Analyst, Fortune 500 Financial Services Provider. 

"Our newest version of the AttackIQ platform is dedicated to operationalizing the MITRE ATT&CK Matrix. This will allow our customers to rapidly and continuously validate their security controls and processes against MITRE's thought leading security attack framework," said Stephan Chenette, CEO and co-founder of AttackIQ.

The continuous security validation platform built on the MITRE ATT&CK Matrix is available, visit for more information, or to attend a webinar on the topic, visit

About AttackIQ
AttackIQ, a leader in the emerging market of continuous security validation, built the industry's first platform to give mid-market and large enterprises the ability to test and measure the effectiveness of their security capabilities. The open FireDrill™ platform provides insight into how well current security tools, products and processes are working. The AttackIQ Community, which launched in July 2016, brings together the brightest minds in the security industry to challenge existing security practices and bring a more collaborative methodology to validating security decision-making. With its FireDrill™ platform and purpose-built community, AttackIQ is changing the security game. For more information visit Follow AttackIQ on Twitter, Facebook, LinkedIn, and Vimeo.

Contact Information:

Sarah Thorson
10Fold Communications


AttackIQ's FireDrill intuitive user dashboard with comprehensive visualizations of events in real time