XM Cyber, an Israeli hybrid cloud security company, now provides the XMGoat open-source penetration testing tool for Microsoft Azure environments. The tool could be particularly useful for MSPs and MSSPs that are exploring potential cloud security posture management (CSPM) services, MSSP Alert believes.
The background: Roughly 40 percent of our Top 250 MSSP survey participants for 2021 said they offer CSPM to their end customers. The goal: Find and mitigate public cloud misconfigurations before hackers exploit the erroneous settings. On a similar note, XMGoat teaches pentesters, red teamers, security consultants and cloud experts how to abuse misconfigurations within Azure environments, XM Cyber stated. That way, the tool illustrates common Azure misconfigurations and the security issues associated with them.
XMGoat contains terraform templates, aka "scenarios," that contain multiple Azure environments, according to XM Cyber. It lets users automatically deploy scenarios in misconfigured Azure environments that are vulnerable to cyberattacks and data breaches.
An XMGoat scenario starts with a breach point in which a cybercriminal has gained access to an Azure environment, XM Cyber stated. A user is responsible for finding the attack path to a critical asset and compromising it.
XM Cyber offers three XMGoat scenarios:
- Compromise-Sensitive Storage Account Container: A cybercriminal can view sensitive blobs (large collections of unstructured data) from a user's storage account.
- Compromise Subscription: A cybercriminal can modify subscription permissions.
- Account Takeover, Compromise Tenant: A cybercriminal becomes a global account administrator.
XMGoat scenarios contain different breach points, critical assets and attack points, XM Cyber noted. They highlight how cybercriminals can exploit Azure misconfigurations, what causes them to happen and what can be done to mitigate them.
A Closer Look at XM Cyber
XM Cyber is a cyberattack path management platform provider owned by retail giant Schwarz Group, which acquired the company in November 2021.
Organizations can use XM Cyber's platform to identify and analyze vulnerabilities, misconfigurations and user privileges that can lead to cyberattacks, the company said. The platform provides visibility into attack paths that hackers can use to penetrate organizations' critical assets, along with risk remediation tips and resources.
MSSPs can join XM Cyber's partner program to integrate the company's platform into their security offerings. In doing so, MSSPs can use XM Cyber's platform to help their customers optimize their security posture.
