Breach and attack simulation tools – deployment and operational experience
Tools for the simulation of cyber-attacks ("breach and attack simulation") are a relatively new category of tools for testing the information security of companies. These tools automatically simulate cyber-attacks, validate deployed measures, identify vulnerabilities in infrastructure, applications, or processes and, thanks to this, enable better prioritization of other activities in the field of information security, from removal of individual vulnerabilities to larger investments. The presentation summarizes the real experience of deploying one such tool in a corporate environment.
Tomáš Trávníček leads the information security team at ŠKODA AUTO a.s., whose goal is to ensure the IT security of the automaker's environment, from production facilities and office environments to systems that communicate with connected cars. He has been working in information security for 15 years in various roles ranging from auditor and consultant to ensuring secure development to his current governance role.