AttackIQ + D3 Smart SOAR
Test and Strengthen Security Controls at Scale
AttackIQ’s Breach and Attack Simulation capabilities combine with D3 Smart SOAR’s orchestration engine and MITRE ATT&CK TTP correlation to create an end-to-end solution for effective attack detection and response. Joint users can run scheduled or ad hoc simulations of specific attacks, ingest the results back into D3 playbooks, and orchestrate the necessary steps to resolve any vulnerabilities.
Benefits and Capabilities
D3’s integration team takes the burden of integrations off your hands by building, maintaining, and upgrading the best possible connections between tools. We have closely studied AttackIQ to produce a powerful integration that enables you to:
- Run AttackIQ Assessments directly from Smart SOAR playbooks
- Turn failed assessments into automation-powered investigations
- Manage the assessment process entirely through Smart SOAR, via integrations across the entire security stack
- Use Smart SOAR’s Monitor Dashboard to prioritize testing of certain techniques
Use Case
Ad Hoc Attack Simulation
Every organization spends a great deal on security tools, but how do they know if the tools are actually detecting malicious activity? By integrating with AttackIQ, Smart SOAR users can run simulations of their most high-risk attack types to ensure they are being prevented by security tools. Smart SOAR can then ingest the test results and automatically orchestrate the next steps, such as querying SIEM logs for more information, or sending email notifications to system administrators to check tool configurations.
- Run frequent assessments without a dedicated red team
- Increase coverage of attack techniques
- Diagnose critical vulnerabilities
Use Case
Prioritizing and Automating Attack Simulations
By integrating Smart SOAR and AttackIQ, users can easily prioritize the attack types they need to test and automate tests scheduled at regular intervals. Smart SOAR correlates incoming events against the MITRE ATT&CK Matrix, which feeds into D3’s Monitor Dashboard. On this dashboard, analysts can see the prevalence of each ATT&CK technique in their environment, immediately revealing the most frequent types of attacks they are facing. This information can then be used to schedule AttackIQ assessments of those attacks using an automated playbook.
- Focus resources on the most high-risk threats
- Ensure that tests of security controls are always up to date
- Implement a consistent procedure for gap analysis
Why Smart SOAR?
Joint users of AttackIQ and D3 Smart SOAR don’t just get automated attack simulations, they also get the countless other features that make Smart SOAR the leading independent SOAR solution, including:
- Expert-built codeless integrations across the stack
- Tier 1–3 automation, based on deep research into the capabilities of common tools
- The Event Pipeline, which reduces alert volume by up to 98%
- Cross-dimension correlation, which acts across tools, timeframes, TTPs, and artifacts
AttackIQ Integration: Summary
Integrations Done the Right Way
An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.