BlindSPOT: Top Updates and New Features from the Year

October 10, 2024

A Note from the CTO:

One year ago, the OnDefend team launched what could be put into the category of a ‘newsletter,’ but in reality, it’s our commitment to transparency in showcasing the latest updates and features of the BlindSPOT product. So many times, a tool you already have implemented in your system has a cool, new, and exciting feature, but no one ever told you (the user).

One year later, we’re taking the opportunity to look back at the last year and pull some of our favorite items. While it’s a lot like picking your favorite child, we picked three features to highlight, which we think reflect the growth of the BlindSPOT capabilities over the past year.

Everything on our roadmap is designed to make BlindSPOT the best option for you to safely and quickly test your defenses, and a lot of the ideas we’ve featured in these updates have come from customer feedback and suggestions, so thank you!

-Ben Finke, OnDefend Co-Founder/CTO


1. Alert Validation is Live

In the spirit of Halloween, it’s impossible not to say ‘Alert Validation is alive’ without putting a Frankenstein tone on it. Back to the point.

Alert Validation went live in December 2023. This feature, powered by BlindSPOT, automates end-to-end security tool testing to verify that your detection rules are working and will successfully alert your team when you need them most.

The mission of BlindSPOT is to help you test the assumptions you have about your defenses. One assumption everyone makes is that the alerts you depend on work, and that if an attack is detected, the detection will happen quickly.

Alert Validation is specifically built to help you test this assumption, in a completely automated way.

We leverage the Attack Simulation capability within BlindSPOT to execute attack activity on endpoints in your environment, then connect to your security tools and find the alerts you expect to fire – and give you all the details about them.

We’ll show you the exact alerts firing in your tools, and how long it took for them to fire (in this case, just over 7 minutes). If any alerts you were expecting don’t fire, we’ll let you know.   

All this means you get proactive testing of your detection capabilities, end to end and fully automated, and over time you get a Detection Uptime report!
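The matching step described above (find the alert each simulated action should have produced, time it, and flag the ones that never fired) can be sketched as follows. This is an added example, not BlindSPOT code or its API; the data, field names, rule names, 30-minute window, and the "detection uptime" formula are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample data: simulated steps and the rule each one should trigger.
ACTIONS = [
    {"step": 1, "host": "WS-01", "rule": "Encoded PowerShell Command", "ran_at": "2024-10-01T14:00:00"},
    {"step": 2, "host": "WS-01", "rule": "New Local Admin Account", "ran_at": "2024-10-01T14:05:00"},
    {"step": 3, "host": "WS-02", "rule": "Scheduled Task Created", "ran_at": "2024-10-01T14:10:00"},
    {"step": 4, "host": "WS-02", "rule": "Security Log Cleared", "ran_at": "2024-10-01T14:15:00"},
]
# Constructed alert export, shaped like rows pulled from a SIEM or EDR.
ALERTS = [
    {"host": "WS-01", "rule": "Encoded PowerShell Command", "created_at": "2024-10-01T14:07:12"},
    {"host": "WS-01", "rule": "New Local Admin Account", "created_at": "2024-10-01T13:50:00"},  # stale: predates step 2
    {"host": "WS-02", "rule": "Scheduled Task Created", "created_at": "2024-10-01T14:10:45"},
    {"host": "WS-02", "rule": "Security Log Cleared", "created_at": "2024-10-01T15:20:00"},  # too late
]

def validate_alerts(actions, alerts, max_wait=timedelta(minutes=30)):
    """Match each simulated step to the earliest expected alert inside the window."""
    results = []
    for action in actions:
        ran_at = datetime.fromisoformat(action["ran_at"])
        latencies = []
        for alert in alerts:
            if (alert["host"], alert["rule"]) != (action["host"], action["rule"]):
                continue
            delay = datetime.fromisoformat(alert["created_at"]) - ran_at
            # Ignore alerts from before the step (earlier runs) and ones past the deadline.
            if timedelta(0) <= delay <= max_wait:
                latencies.append(delay)
        results.append({"step": action["step"], "fired": bool(latencies),
                        "latency": min(latencies) if latencies else None})
    return results

def detection_uptime(results):
    """Assumed definition: share of expected alerts that fired in time."""
    return sum(r["fired"] for r in results) / len(results)

if __name__ == "__main__":
    results = validate_alerts(ACTIONS, ALERTS)
    for r in results:
        print(r["step"], "FIRED" if r["fired"] else "MISSED", r["latency"])
    print(f"detection uptime: {detection_uptime(results):.0%}")
```

Requiring the alert timestamp to fall after the simulated step keeps an alert left over from an earlier run from masking a rule that has since stopped firing.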



2. New PowerShell Module

PowerShell is such a powerful tool, but to really take advantage of it (and demonstrate whether you have visibility into it), we wanted to construct a way for you to start a PowerShell process and interact with it throughout the simulation.

Launched in June 2024, this module is just one example of the improvements being made to allow your BlindSPOT simulations to look as realistic as possible. 

We added a new PowerShell module to the list of payload modules.  Previously the run module was the most common way to execute any PowerShell activity, but that meant every step that ran PowerShell started a brand-new PS process, executed the command, and then exited the process.

Our PowerShell payload module starts a PS process and then lets you interact with it throughout the simulation.  So, if you set a variable in step 8, you can reference it again in step 17!  And if you bypass a security control (cough AMSI cough), you get to take advantage of that work for the rest of the simulation. 



3. Offline Scoring Sheets

From our famous “Speed” newsletter, we wanted to highlight the creation of the scoring sheets, to help with the understanding of the campaign activity and turbocharge the ability to rapidly score your assessments, even if you can’t use our integration directly to your tools. 

One of the biggest friction points with purple team exercises is how long it takes to get through a workshop, and BlindSPOT is here to speed that up – letting you run more (and better) exercises, more often. 

The spreadsheet file that you download has all of the details you’re used to seeing in BlindSPOT, and even has dropdowns for you to select the outcome and the security tool.

When you are done, just save the spreadsheet file, and upload it back into the campaign from the same menu, and BlindSPOT will update the campaign score for you, from the spreadsheet. 

Oh, and it works for entire projects too, in one sheet! That’s what we call speed and functionality.



One Last Thing….

Whether this is your first time diving into BlindSPOT’s updates or you’ve been on this journey for a while, thank you. We plan to continue making progress and sharing those updates with you. We are committed as an organization to continue pushing boundaries within the world of innovation, and BlindSPOT is the product of that.

If you want to stay in the loop about what’s happening at OnDefend & BlindSPOT, including our upcoming webinars, the latest cybersecurity trends, and product updates, then follow us on Facebook, Twitter, and LinkedIn @ondefend.
