to be authentic, dynamic, and provide CISOs the necessary confidence and information to build board-level trust.
Like any real adversary, the product starts with recon. The Randori Recon engine is “Black Box” —meaning we start with very little information, like an email, to kick-off our continuous reconnaissance—just like a hacker would determine what’s connected to an organization.
From there, we flavor that information with what we call “Target Temptation” to identify what things to attack first. Just like a real attacker, Randori is always working against an objective. Security teams looking at a list of top targets on the Randori platform can use Randori to determine why that target is tempting, and through the use of attack, understand if there is a route to the company’s “crown jewels,” i.e., most valuable commodities.
Unlike BAS (breach and attack simulation) solutions, the Randori attack experience is both safe and authentic. When a user launches a Randori attack, they will be learning how to protect their unique environment and a deeper understanding of how to protect their real production assets. Hence the meaning behind the company name Randori, which means “freestyle practice against an adversary.”
TAG Cyber: Before a company conducts a pen test or red team, how should they prepare?
First, start with the basics. The point of a red team engagement or a penetration test is to learn. If there are things you already know you need to address, address those first. After that, you should stress the entirety of a program to see how hard it would be for an attacker to zig-zag through an organization.
Secondly, not every security program is ready for a red team. Don’t jump to bringing on a high-end red team unless you’re prepared for high-end learnings. If you’re still focused on blocking and tackling, maybe you’re not ready to get a red team to beat you up.
TAG Cyber: No type of security testing is beneficial unless something can be done with the results. How does Randori help with remediation?
It’s an interesting question and one that comes up with almost every customer. I’ll give you the same answer that I used to give on red team engagements, and I now use talking with Randori customers.
The goal of Randori is to challenge your assumptions. We leverage our perspective as an adversary to raise questions, uncover issues, and identify process failures organizations may otherwise overlook. We are not trying to find every vulnerability; instead, we aim to help organizations up level their security program by identifying systemic failures and empowering their teams with the skills needed to get to the root cause. Sometimes that’s a patch—but far more often remediation in the Randori context involves providing security teams with the evidence they need to change processes and training. Rather than fixating on the specific issue, we encourage our customers to focus on enacting changes, such as network segmentation, improved visibility, and better training. These things allow companies to build security programs resilient to entire categories of risks, not just the latest vulnerability.