June 9, 2021
I was recently asked a question while pitching our platform that made me think about Snap Labs in a new context. The question went something like –
What makes Snap Labs a top 3 priority for a CISO or executive leadership team to implement?
On its own, any individual technology or product would be hard pressed to meet this standard. This is especially true in the cybersecurity industry where there are immediate and tangible threats to the business on a daily basis. How do you decide what technologies to purchase, what talent to invest in, and what projects to pursue that are going to most effectively protect your business? It’s a tough problem to approach! This really made me take a step back and consider what value Snap Labs is bringing to our customers, and how this value fits into the larger goal of significantly improving the cybersecurity posture of the business.
As a former red teamer, I approached this question by thinking about the organizations I’ve assessed that were most successful at stopping my team and I from reaching our objectives. Properly implemented cybersecurity products and technologies certainly came to mind: EDR solutions, patching tools and processes, and SIEM solutions with the right visibility and alerts are all effective speed bumps to an attacker. But the more I thought about this question the more I came to the conclusion that all these technologies fundamentally rely on a capable team of cybersecurity professionals to configure and operate them.
Without a strong team, cybersecurity tools are only as effective as their out of the box configurations. If the SIEM alerts on malicious activity in your environment, but your team can’t effectively and efficiently respond to that alert, the SIEM’s value is all but lost. As a CISO or other cybersecurity leader, I would always prefer a strong team with a weak technology stack over the inverse. I might even argue that filling your cybersecurity team with talented and capable professionals should be your number one priority. So my answer to the question of why Snap Labs is a top 3 priority for the CISO is this:
Snap Labs helps your cybersecurity team train effectively and frequently with your existing production tools.
The Snap Labs platform has a number of powerful capabilities that make it an effective training platform, but a few stick out to me as particularly advantageous to the enterprise security program. With Snap Labs you can:
Spin up and access a realistic lab environment in minutes, completely isolated from your production network. Use these labs for analyzing suspicious files, validating new detections for malicious activities, or testing new scripts and processes.
Configure your Snap Labs environments to use the same tools already deployed in your production networks, and ensure you get the most out of your existing cybersecurity investments.
Build practical, hands-on training scenarios that are specific to your organization and toolsets. Quickly bring new team members up to speed on the concepts and technologies you care about.
Lab environments and cyber ranges are extremely effective and often underappreciated tools. I’d be willing to bet that almost 100% of the top cybersecurity teams and individual researchers utilize a lab environment to some extent. At Snap Labs, we’re making these critical training tools easier than ever to build, manage, and share with your team and the cybersecurity community.