GRIMM Founder and CEO, Bryson Bort, announced the launch of CROSSBOW™, a security assessment platform that enables organizations to fully validate their defenses without the need for costly training or complex setup. Bort also unveiled SCYTHE, a new company focused on bringing complementary commercial security solutions to market that demonstrate and deliver the art of the possible in cybersecurity. While GRIMM and SCYTHE remain closely linked companies with collaborative research and development efforts, GRIMM will continue to focus on its service offerings including engineering, consulting and R&D, while SCYTHE will be dedicated to developing and bringing to market advanced products to address the world’s most pressing cybersecurity challenges.
Today’s threat landscape is daunting. Attack vectors evolve faster than teams can defend against them. Traditional security solutions are ineffective and validation efforts such as penetration testing and red teaming are limited in scope, not reflective of real world threats, unscalable, costly and risky. Security operators can use CROSSBOW’s advanced capabilities to validate the risk posture and exposure of businesses and their employees as well as the performance of security teams and the solutions they use. It offers the ability to setup, customize, and run adversarial campaigns in a matter of minutes and receive granular reporting about an organization’s production environment and degree of compromise quickly and effectively.
“Over time, we observed a number of consistent pain points for our customers and a gap in the market. Most organizations lack insight into their actual enterprise defenses: employees, security products, and the security team’s efficacy,” said Bryson Bort, SCYTHE CEO and GRIMM Founder and Chairman. “Building on GRIMM’s deep R&D expertise, we developed a powerful platform, CROSSBOW, to solve this exact problem. We’re rolling out SCYTHE to support CROSSBOW and enhance our ability to bring products to market that leverage GRIMM’s R&D capabilities without distracting from its focus on service delivery.”
Bort is assuming the role of CEO at SCYTHE and Chairman of GRIMM. Brian DeMuth, has been named CEO of GRIMM and will oversee its day-to-day operations. Bort will focus on the daily operations of SCYTHE, carrying out the company’s strategic vision and overseeing the rollout of CROSSBOW and its future product offerings.
CROSSBOW can be used by security executives and operators at all levels with applications across industries and enterprises. The platform can be custom developed for advanced red teams or employed as-is to provide powerful capabilities “out of the box.” Using CROSSBOW, operators gain the capabilities to:
* Simulate the latest known threat campaigns with the CROSSBOW Threat Catalog
* Easily create custom threat assessments using the modular libraries, like building with Legos
* Run CROSSBOW via a SaaS platform or on-premise infrastructure
* Use the maintained CROSSBOW gray infrastructure to simulate different Command and Control (C2) infrastructures around the world
* Create complete reports that integrate with Splunk to drive remediation and business impact
“Good security hygiene is both basic and hard to maintain. By automating red team/blue team exercises and using the capabilities built into a platform like CROSSBOW, IT security teams can continually probe for configuration drift and fix vulnerabilities before they can be exploited by bad actors,” said Paula Musich, Research Director, Enterprise Management Associates. EMA published an Impact Brief on the CROSSBOW launch, contact SCYTHE to receive a copy.
CROSSBOW delivers the power to continuously assess the security posture of an entire company to detect and mitigate risks before someone else does. CROSSBOW is currently available directly from SCYTHE. For more information on the product and to contact our team, please visit: https://scythe.io/crossbow
GRIMM offers security engineering and consulting services backed by research and development in delivering the art of the possible in cybersecurity. The team services government and commercial clients from a diverse range of industries, including the safety sectors such as critical infrastructure, automotive, and IoT embedded devices, and web-based applications, networks, and systems. Additionally, GRIMM develops and teaches advanced custom courseware and training programs in software and embedded system security. Visit us at https://grimm-co.com
SCYTHE is dedicated to demonstrating and delivering the art of the possible in cybersecurity by bringing to market advanced cybersecurity products. Rooted in GRIMM’s core values – innovation, passion and agility – SCYTHE develops solutions that address the world’s most pressing cybersecurity challenges. Its flagship product, CROSSBOW, is a cyber security validation platform that enables organizations to fully validate their defenses without the need for costly training or complex setup. Visit us at https://scythe.io