First, let me say happy new year! The holiday season has come and gone—seemingly overnight—and just like that, 2024 is well underway. At SafeBreach, we are eagerly looking to the new year and all that it will bring, including new goals and new opportunities to empower customers with greater visibility into the efficacy of their security tools and programs. But, before we completely close the book on 2023, I wanted to take a moment to reflect on the previous year—it has been one of challenges, resilience, and growth for SafeBreach. Together, with the support and partnership of the SafeBreach community, we have accomplished some impressive things in 2023 and it felt fitting to close out the year with a few highlights.
Enterprise Customer Growth
In the past year, we saw a significant shift in the demand on CISOs to provide greater visibility and accountability around the efficacy and ROI of their security programs to boards and regulators alike. Our focus and commitment to understanding and innovating around these day-to-day challenges led to new capabilities designed to support our enterprise customers, including enhanced scalability, expanded use cases, and a clear plan to meet new demands as the market continues to evolve. As a result, we saw significant growth in our Fortune 500 customer base, despite the challenging microeconomic environment. Going into 2024, we are serving some of the largest financial services, healthcare, manufacturing, and transportation organizations in the world, solidifying our position as the leading enterprise breach and attack simulation (BAS) solution on the market.
Product Innovations
The SafeBreach team worked diligently throughout the year to introduce new product innovations that enhance the value customers derive from our platform. Towards this end, we launched the security posture dashboard designed to support the clarity and consistency with which organizations can track their security posture. The dashboard distills results from multiple run tests into a single score that shows an organization’s posture across various threat vectors to support prioritization and resourcing decisions.
We also introduced new capabilities that security team operators can use to create more realistic attack flow stories with complex, conditional branches and success criteria definitions. As a result, users can better represent, test against, and assess their response to dynamic attacker behavior.
This year’s launch of the SafeBreach Academy provided customers with a more personalized onboarding experience that includes actionable tutorials to help utilize the platform’s extensive feature set, integrate it with existing business systems and workflows, and achieve their security goals.
We added initial content support for Google Cloud Platform (GCP), which has laid the groundwork for additional enhancements we plan to roll out for all of our cloud capabilities in 2024. Finally, we revamped our API documentation to enhance the user experience—it’s now easier to search, understand, and try the various provided API endpoints.
Strength & Resilience of Our Team
Unfortunately, 2023 will always bear the shadow of the atrocities we all witnessed on October 7. As an organization with an Israel-based office and employees, we were impacted by these events on a personal level. While we have remained fully operational and on track to deliver all product updates, service, and support as planned due to the global and cloud-based nature of our organization, we had an important need to prioritize the safety and well-being of our team and ensure they had the resources they needed to take care of themselves and their families. This included offering our office in Tel Aviv as a safe shelter, sending care packages and meals to affected employees and the families of our active duty soldiers, and providing access to counseling and volunteer opportunities for anyone interested. I have been humbled by the outpouring of support we have received from peers and colleagues and am personally very proud of the strength, bravery, and resilience of our entire team as we’ve navigated this difficult time.
Industry-Leading Original Research
SafeBreach has the most advanced threat research team in the breach and attack simulation (BAS) industry that actively conducts original research to ensure our Hacker’s Playbook remains the world’s largest and most up-to-date collection of exploits and known attack types. In 2023, the SafeBreach Labs team discovered six new common vulnerabilities and exposures (CVEs) and was invited to share impressive new research with the wider security community in appearances at conferences around the globe, including Black Hat, Black Hat Europe, DEF CON, SecTor, HackCon, CONFidence, and more.
While this original research helps improve security on a global level, it is also used to generate original attack content within the SafeBreach platform that customers can use to protect their organization against these threats—and it isn’t available anywhere else. Check out highlights of this year’s research and associated media coverage below.
- Defender Pretender: When Windows Defender Updates Become a Security Risk
- See coverage by Dark Reading and PCMag.
- One Drive, Double Agent: Clouded OneDrive Turns Sides
- See coverage by The Register and SC Magazine.
- The Price of Convenience: How Security Vulnerabilities in Global Transportation Payment Systems Can Cost You
- See coverage by TechCrunch and The Record.
- Weather Forecast: Money is Going to Rain from the Cloud
- See coverage by Tech Radar and The Hacker News.
- The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
- See coverage by SC Media and The Hacker News.
- EDR = Erase Data Remotely by Cooking Unforgettable (Byte) Signature Dish
Awards & Analyst Recognition
As a leader in the BAS space, we continued to receive important validation of our work in the form of industry awards and analyst recognition in 2023. For the second year in a row, Gartner® recognized SafeBreach in its 2023 Gartner Hype Cycle™ for Endpoint Security report, which provides in-depth insights about the cutting-edge technologies that are making waves in the endpoint security space. They also identified BAS as a technology that “will play an important role in enhancing cyber readiness as part of a larger continuous threat exposure management (CTEM) program” in the Gartner Strategic Technology Trends for 2024 report.
From an awards perspective, SafeBreach was honored with the CISO Choice Award in the BAS technology provider category for the second year in a row, swept gold in three categories of the Cybersecurity Excellence Awards, and was named the winner of the Global InfoSec Awards Most Comprehensive BAS solution award. Maybe most importantly, SafeBreach was recognized by Built In’s Best Place to Work Award for the collaborative, diverse, and equitable culture we’ve created with and for our employees.
Community Expansion & Customer Experience
At SafeBreach, we have a unique perspective that BAS is a comprehensive program—not just a standalone product—that is enhanced and optimized by the collective knowledge of a committed community. In 2023, we took great strides to continue building this formidable community of security experts, thought leaders, and experienced customers in a number of ways.
First, we launched the SafeBreach Community, an online forum where customers can find FAQs, submit questions to SafeBreach support experts, and actively engage with each other about common use cases, challenges, and more. We also expanded the SafeBreach Validate Summit, a recurring event that brings together experts to discuss challenges, best practices, and key considerations for building a proactive security program and implementing strategies to improve cyber resilience. Finally, we continued to enhance and expand our customer success program, which pairs customers with dedicated resources from our Customer Success Team to ensure they get the most out of their BAS program. These efforts culminated in a customer satisfaction rating of over 95% and our recognition by the 2023 SC Europe Awards for Best Customer Service.
Expanded Partnership Ecosystem
The SafeBreach partner program was designed to leverage technical alliances and integrations with industry-leading cyber security solutions to maximize protection, prevention, and ROI for enterprises. At the beginning of 2023, we launched the SafeBreach Threat Intelligence Collective, a strategic partnership with leading threat intelligence providers that offers security teams a more powerful way to ingest the latest threat intelligence, validate and visualize their exposure, and prioritize remediation actions to prevent breaches. We expanded our relationship with Microsoft by announcing our participation in the Microsoft Security Copilot partner program, with the goal of providing a solution that will bring a greater level of automation to our customers’ security operations centers. Additionally, we announced new integrations with Recorded Future, Anomali, Trend Micro, Netskope, and ServiceNow.
Looking to 2024
Again, as I reflect on last year and its accomplishments, I can’t help but express my gratitude for the support of the SafeBreach community. Everything we’ve accomplished has been a collaborative effort by our employees, customers, and partners—the trust you’ve placed in SafeBreach has been the cornerstone of our success.
As I look to 2024, I am filled with excitement and confidence. I am excited about the opportunity to celebrate SafeBreach’s 10-year anniversary in February and all the hard work that has led us to this point. And I am confident about the trajectory of our organization and the market-leading innovation of our product team. In the coming year, they will continue to develop product offerings that enhance the level of value and services SafeBreach provides not just around BAS, but around overall exposure management—stay tuned for more details.
I wish each of you a happy, healthy, and peaceful new year. I cannot wait to see what 2024 holds as we continue to work together and take the next step in our journey.
– Guy Bejerano