SCYTHE Unveils Version 4.2 of Its Flagship BAS+ Platform

SCYTHE Unveils Version 4.2 of Its Flagship BAS+ Platform

The latest release marks a significant leap in revolutionizing adversarial emulation, detection engineering, and purple teaming

SCYTHE, the leading provider of advanced cybersecurity solutions, today announced the release of version 4.2 of its flagship adversarial emulation system, BAS+. This latest version introduces powerful new capabilities designed to significantly enhance cybersecurity operations, streamline integration processes, and provide comprehensive insights into system vulnerabilities and defense mechanisms.

Key Enhancements in SCYTHE 4.2:

Endpoint Cyber Hygiene Tests: The release introduces DISA STIGS / NIST-based endpoint cyber hygiene tests, empowering organizations to ensure that their endpoints adhere to industry best practices for security. This crucial capability helps identify and mitigate possible exposures, mitigating endpoint security risks. These tests will also provide teams with real-time proof of the endpoint’s security posture.

Incremental Command-by-Command Campaign Execution: SCYTHE 4.2 brings an innovative approach to campaign execution, enabling teams to execute tests incrementally, command by command. This critical update is tailored for detection engineering development work and purple teaming orchestration, allowing precise control and real-time adjustments to cybersecurity strategies.

Purple Assessments Module: The purple assessment module is a new platform add-on designed to drive the purple team process, document and analyze exercise activities, and provide invaluable insights into the effectiveness of security measures. It enables teams to track the outcome of each command from detection to logging, alerting, blocking, or unmanaged (and a risk), offering enhanced reporting capabilities and a comprehensive view of an organization’s cybersecurity posture.

No-Code Integration Framework: A pioneering capability for BAS+, the new integration framework offers teams a seamless, no-code solution to integrate SCYTHE with any tool. This ubiquitous integration capability ensures organizations can effortlessly connect (and define integration behavior) their entire security toolset, fostering a cohesive and responsive cybersecurity environment.

Expanded Threat Library with Tagging: SCYTHE continues to advance its pre-packaged threat library by adding new endpoint and cloud threats. These additions ensure teams have access to the most current and emerging threat scenarios, enabling better preparation and defense against sophisticated cyber attacks. Additionally, to make the most of the content, threats are tagged by industry, type, and more, enabling teams to focus on what matters most to them.

AI-Chatbot Enhancements and Performance Improvements: The release also includes significant enhancements to SCYTHE’s AI-chatbot, Cl0ppy, with a v2 of its beta. These improvements focus on enhanced performance and advanced capabilities to assist teams in cybersecurity operations. This capability is available to current customers or prospects through an opt-in beta request with a general release target of late spring 2024.

Simplified Installation via Containers: Recognizing the importance of ease of deployment, SCYTHE has simplified the installation process for its on-prem version with a container-based approach. This enhancement facilitates quicker setup and deployment, allowing teams to rapidly integrate BAS+ into their security infrastructure. SCYTHE’s containerized solution offers security isolation, limited resource utilization, portability, and easier deployments making it the ideal BAS+ solution.

A Revolution in Cybersecurity Integration and Emulation

“SCYTHE 4.2 represents a significant leap forward in our commitment to providing advanced cybersecurity solutions to multiple teams — red, blue, purple, and IT — who need an effective and user-friendly platform,” said Marc Brown, VP of Product of SCYTHE. “With these new capabilities, we are setting a new standard for integration, adversarial emulation insight, and cybersecurity preparedness, ensuring that our clients are equipped to meet the evolving challenges of the digital age head-on.”

Share