Firebind Recon Product Overview

Firebind Recon Provides "Table Stakes" Security Policy Validation

Perimeter defense or zero-trust? On-prem, cloud, or hybrid? VPN directly to the office or connect through a CASB (cloud access security broker)?

Long gone are the days of an on-prem firewall being the only policy enforcement engine focused on keeping your network secure. Firewalls, IPS and IDS, DLP and other network security devices or software instances are all enforcing more security policies than ever before. And while testing those policy enforcement engines has always been a “table stakes” activity, especially after changes are made, that testing has always been one of the most difficult auditing tasks to complete, frequently leading to rule modification validation being done poorly if at all.  The migration of critical workloads to the cloud has further compounded the problem due to the introduction of new, unfamiliar configuration interfaces that can operate in a very different manner due to their virtual nature.

There have been many approaches to network security policy testing over the years, whether it be open source tools like netcat and ncat or more advanced approaches that wrapped those tools inside some python scripting. However, what always remained the same was the need to set up a “listener” or “target” host along with running a sequence of command line instructions, all to receive results that weren’t always definitive.

Enter Firebind Recon, a BAS (breach and attack simulation tool) that deploys agents that focus exclusively on enumerating network security controls by putting real payloads “on the wire” to see how the network reacts.

The Firebind Recon Approach

Firebind’s patented technology changes all that by bringing together 3 primary components

Customer Agents

Agents can be deployed in 2 minutes or less on any network segment, on-prem or in the cloud

target agents

Choose one of Firebind’s multiple public target agent clusters or deploy your own private target agents

Cloud-based web console

Configure tests and monitor results from a desktop or mobile device, no CLI interaction needed

Firebind Recon Architecture

Scan Configuration Components

Customer "initiator" agent

Automated installers with a small footprint for Linux, Windows, macOS, and ARM (Raspberry Pi).  Agents can be deployed in 2 minutes or less.

protocol script (payload)

Default to our “Simple” payload, chose one from our GitHub library, or build your own.  Payloads can contain multiple bi-directional message sequences

suite

A suite contains the ports to be tested (e.g. 1-65535 TCP and UDP), the protocol script to test with, the timeout period to wait for a response from the target, and a port delay setting to rate limit the test

policies

Define the status of each port you’d like to test (“open” if traffic should pass or “closed” if traffic should be blocked) and Firebind Recon will alarm if the actual result doesn’t match the configured policy

target

Choose a public target to test to or request one or more of your own private targets that can be deployed at your site or in your own private cloud

schedule

Run your Firebind tests on-demand or schedule them to run at various intervals including every 5, 15, or 30 minutes or every hour, 6-hours, day, or week

Firebind Recon Trial Request

Click on the link below to request a Firebind Recon trial and you will be contacted within a few hours.