Proactive risk and threat simulations in the cloud
|Funding from Vinnova
|SEK 1 895 000
|November 2018 - January 2020
|Collaboration projects in cybersecurity and digital infrastructure
Purpose and goal
The increasing use of cloud environments has created new opportunities, but also risks. The flexibility and scalability offered by a cloud-based architecture makes it difficult to manually map environments, possible vulnerabilities, and potential threats. A clear understanding of the threat landscape is a prerequisite for an effective defense strategy. Our project has developed and tested a prototype for proactive threat simulations in the cloud. The simulated attacks give us important knowledge about how to secure the cloud against threats and prioritize its vulnerabilities.
Expected results and effects
The project has resulted in an improved framework for threat modeling and attack simulations (MAL - Meta Attack Language), a for cloud (specifically Amazon Web Services) domain-specific language (awsLang), a prototype where awsLang is used in an efficient and user-friendly way in foreseeti´s platform securiCAD, as well as testing it in large cloud environments at Klarna and validating it in external environments (CloudGoat). Foreseeti has been classified a Selected Technology Partner by Amazon and the product, securiCAD Vanguard, will soon be released on the Amazon Marketplace.
Planned approach and implementation
KTH has done research and published the results as open source. foreseeti has then (further) developed its platform adapted for these research results, which has been tested at Klarna. The process was highly iterative with several rounds of research, development, requirement elicitation, and testing. This arrangement with few partners and clear roles has worked well. We have actively made sure that the progress and results have been communicated, which has been noticed in e.g. Computer Sweden and at Amazon events.