The Evolve Marketplace provides you with immediate access to specialist security skills and capabilities that you can add to your business within minutes. These capabilities include:
- Automated Penetration Testing
- Compromised Account Monitoring
- Automated Incident Response
- Orchestrated Security Infrastructure
- Cyber Threat Intelligence
- Security Automation Utilities
Both commercial subscriptions and freely available security workflows and modules can be imported from the Evolve Marketplace into your Evolve Account.
Every commercial Evolve Marketplace item allows flexible per-month subscriptions with no lock in contracts to ensure that your security remains as flexible as your business needs.
Once you have imported your new security capabilities from the Evolve Marketplace into your Evolve Account, your subscription is activated and you can then launch your new security automation workflows, modules and services as many times as you need.
Optimize your security budgets by streamlining your security automation by utilizing scalable security zones, reducing frequencies of workflow and module executions, minimizing Evolve Agent polling frequencies, and expiring data to contain storage costs.
Evolve Partners gain access to publish commercial grade security automation modules, workflows and intelligence to the Evolve Marketplace to expand their market reach and support the wider security community.
Optimize your costs with usage-based billing and monthly subscriptions by importing what you need, when you need it.
Evolve Workflows allow you to define the orchestration and automation of your security capabilities and environments.
This enables you to perform repeatable orchestration of Evolve Modules, Containers, Agents, Charts and Dashboards across any Evolve Region or Evolve Agent located on-premise and in public cloud environments. Evolve Workflows define the chaining of Evolve Modules with the event-driven Evolve Containers for real-time security automation.
Since Evolve Workflows natively integrate with Evolve Security Zones, you can easily deploy on-demand scalable security automation capabilities to perform any task across your business.
Evolve Workflows also natively integrate into the Evolve Console so that your custom orchestration and automation capabilities can be easily launched in a user-friendly and repeatable manner. Evolve Workflows supporting input parameters for custom orchestration and automation to meet your business needs.
Evolve Workflows can be shared privately to another Evolve Account, or published to the Evolve Marketplace for commercial or community access. The Evolve Marketplace provides access to hundreds of commercial and freely available Evolve Workflows to deliver easy to use specialist security automation capabilities.
Evolve provides you with access to hundreds of Evolve Modules via the Evolve Marketplace that have been developed by expert security specialists so that you can immediately increase your security capabilities.
Evolve Modules provide you with an easy way to develop and integrate your own custom code into Evolve to perform repeatable security automation tasks. There are three primary types of Evolve Modules including:
- Standard Modules
- Infrastructure Modules
- Chart Modules
Standard Modules are launched in real-time when an event triggers the module to be executed. Standard modules are designed to perform a specific task and are terminated once the task has completed. Standard Modules can range from collecting intelligence from the internet, to a Slack bot for integrated ChatOps, through to automated security breach response activities.
Evolve allows you to orchestrate Security Infrastructure via “Evolve Infrastructure Modules” that are launched as a service and are not terminated unless manually deleted. Infrastructure Modules can be launched as automatically scalable and may be made accessible from the Internet or orchestrated via Evolve Agents. An Infrastructure Module could be a TOR Proxy for access to Dark Net websites, an SSH Module for troubleshooting Module development, through to a Web Application Firewall or Vulnerability Scanner.
Evolve also generates its Dashboard charts through the use of “Chart Modules”, which are standard modules that take data and convert it into a supported chart format. Evolve supports four charting libraries, including the popular D3 library.
You can select from running your modules within Ubuntu or Kali within Evolve Security Zones across any Evolve Region, or remotely running your modules via Evolve Agents on your own systems.
Evolve Modules can be shared privately to another Evolve Account, or published to the Evolve Marketplace for commercial or community access. The Evolve Marketplace provides access to hundreds of commercial and freely available Evolve Modules to deliver easy to use specialist security automation capabilities.
Evolve Services are more complex security offerings that typically cannot be implemented within an Evolve Module. This allows you to gain immediate and easy access to more complex security solutions to increase your security capabilities.
Evolve offers the following series of “Compromised Account Monitoring” services that are available in the Evolve Marketplace:
- Consumer Compromised Account Monitoring
- Micro Business Compromised Account Monitoring
- Small Business Compromised Account Monitoring
- Medium Business Compromised Account Monitoring
- Enterprise Business Compromised Account Monitoring
Evolve monitors your accounts and domains on a regular basis with access to over 700 billion compromised accounts and notifies you of any matching accounts for your organization.
This allows your organization to automatically get notified of the latest security breaches that affect you to help ensure you can proactively protect your organization.
Evolve Containers are event-driven data storage and act as scalable on-demand data lakes allowing you to send any unstructured data into Evolve to automatically trigger the attached Evolve Workflows and Modules.
Evolve Containers are one of the fundamental building blocks of Evolve’s real-time security automation.
A typical Evolve Module will have an “Input Container” and an “Output Container”. When a new file is uploaded to an Input Container (a.k.a Trigger Container) it will automatically launch any attached Evolve Modules that have this container as their “Input Container”.
The input file will automatically be passed through to the launched modules for them to analyze or use for their specific security automation purpose. Any output produced by the module will be copied into the “Output Container”.
This Output Container may be the Input Container of another Evolve Module, which would then be automatically be triggered once the former module completed. This is how Module Chaining is implemented and can be orchestrated automatically via Evolve Workflows.
Evolve Containers are isolated to a specific Evolve Region, which means that any data that you copy to your Evolve Container will remain within your geographic boundaries to enforce data sovereignty.
Another unique capability is that Evolve Containers can be shared privately to another Evolve Account, or published to the Evolve Marketplace for commercial or community access. This means that intelligence sharing between organizations and across industries can happen seamlessly. Every time a new file is uploaded into a Shared Container, it is automatically synchronized across to all Evolve Accounts that have imported this container.
This provides easy access to intelligence data to increase your specialist security automation capabilities whilst also optimizing your security budgets.
Security Automation often requires authentication to your corporate systems and applications to proactively identify your critical risks, enable remote orchestration, or automatically respond to security breaches.
Evolve Credentials have been designed specifically to keep your sensitive authentication details secure whilst enabling trusted and integrated security automation.
Protected by the Evolve Global Certificate Authority, your Evolve Credentials are encrypted at multiple layers with your own dedicated Evolve Credential Certificate Authority. This means that only your Evolve Account has access to your Evolve Credentials to use within your security automation workflows.
Evolve Credentials support the following features:
- Evolve Certificates
- Evolve Key Pairs
Evolve Certificates allow you to securely generate encryption certificates and keys using your dedicated Evolve Certificate Authority. These certificates may be used for native integration with your security automation, such as orchestrating Evolve VPN Gateways allowing trusted remote access and encryption to your systems and data.
Evolve Key Pairs can be used to store any type of data that you wish to be secured and automatically integrate with your Evolve Workflows and Modules. Examples include securely storing:
- Windows Domain credentials for Evolve Automated Incident Response evidence collection and response actions
- OAuth Tokens for Slack integration with Evolve for streamlined security operations
- Username and Password for proxy or application authentication
- SSH Keys for automated SSH authentication
In order to maximize the security of your Evolve Credentials, they are only accessed in real-time at the point when your corresponding Evolve Module is launched, and are destroyed the moment the Evolve Module has completed.
Evolve Credentials deliver secure trusted security automation.
Evolve orchestrates your security automation workflows and modules in real-time within “Evolve Security Zones”.
Evolve Security Zones are orchestrated isolated environments with dedicated compute and storage that are transparently scalable and customizable to meet the security automation needs of your business.
Evolve Global Regions allow you to orchestrate Evolve Security Zones within your preferred geographic location to ensure that data sovereignty can be maintained whilst executing your security automation workflows.
Evolve Security Zones support the following features:
- Evolve NAT Gateways
- Evolve VPN Gateways
- Scalable Security Zones
- Non-Scalable Security Zones
Evolve NAT Gateway
Within minutes you can orchestrate an “Evolve NAT Gateway” that is allocated a static public IP address. You can attach an Evolve Security Zone to an Evolve NAT Gateway so that all outbound traffic from the Security Zone will originate from your static NAT Gateway IP address.
This is often used when performing Automated External Infrastructure Penetration Testing so that you can differentiate your own attacks from actual malicious internet-based attacks.
Evolve VPN Gateway
Evolve VPN Gateways orchestrate simple and secure remote access to your internal systems. Secure authentication and encryption is automated using certificates generated by the Evolve Global Certificate Authority.
The only thing you need to do is simply install your pre-configured Evolve VPN Client onto an internal Ubuntu machine.
You can attach an Evolve Security Zone to an Evolve VPN Gateway so that all traffic destined for your internal corporate or cloud networks will be routed through your Evolve VPN Gateway.
This allows on-demand internal security capabilities, including Automated Internal Infrastructure Penetration Testing to identify your critical internal risks, or Automated Incident Response capabilities to respond to threats.
Scalable Security Zones
Evolve Security Zones can be configured as “Scalable” to automatically scale-up as your security automation demands increase, and also automatically scale-down to nothing when your Security Zone isn’t being used. This automatically optimizes your usage costs whilst also enabling on-demand high-performance security automation capabilities.
Scalable Security Zones are the most commonly used since they provide flexible capabilities whilst also allowing larger Security Zones to be used in a cost effective manner.
Scalable Security Zones can be configured to use both Evolve NAT Gateways and Evolve VPN Gateways. When a NAT Gateway is not attached to the Security Zone, each node of the Security Zone will be provided with its own dynamic public IP address.
Non-Scalable Security Zones
“Non-Scalable” Security Zones provide a single high-availability node that remains running at all times and is allocated a static public IP address.
This is perfect for launching “Evolve Infrastructure Modules” that you want to be accessible from the internet, including Evolve DNS Sinkholes, Metasploit Servers, Block List Servers, Proxy Servers, SSH Servers and many more.
Non-Scalable Security Zones can be configured to use both Evolve NAT Gateways and Evolve VPN Gateways.
Evolve allows you to create custom charts and easily add them to dashboards. Evolve Charts and Dashboards also natively integrate with Evolve Workflows allowing them to be shared and orchestrated on-demand.
Evolve Charts are simply Evolve Modules that generate chart output supported by the various charting libraries within Evolve, including D3.js charts.
Evolve Dashboards can be created using a simple drag-and-drop interface. Any Evolve Module configured as a Chart Module can easily be added to any of your Evolve Dashboards.
Evolve provides you with custom visibility of your threats, attacks and security breaches so you can maximize your security.
REMOTE ORCHESTRATION AGENTS
Evolve Agents extend the security automation and orchestration capabilities of the Evolve Cloud through to your on-premise and third-party cloud networks.
Evolve Agents are installed on dedicated internal Ubuntu or Kali machines, also known as your “Agent Device”. This means that you do not need to run anything on your endpoints and now have the ability to orchestrate your Evolve Modules and Workflows on any of your Evolve Agent Devices.
This provides you with the capability to orchestrate security infrastructure on your internal networks, including internal Evolve DNS Sinkholes and Honeypots, through to internally orchestrating Automated Incident Response environments.
Evolve automatically generates pre-configured Evolve Virtual Appliances to be deployed into your corporate networks and on-premise data centers, supporting VMware or Hyper-V, and third-party cloud providers, including AWS and Azure.
Once booted, the Evolve Virtual Appliance automatically connects back to your dedicated Evolve environment, enabling authorized Evolve Security Zones to remotely orchestrate and execute security automation capabilities within your internal networks, including internal penetration testing and incident response.
Evolve Virtual Appliances fit within your security architecture. This includes direct connectivity and support for unauthenticated and authenticated proxies, including Basic Authentication and NTLMv2 to integrate with your Active Directory security policies.
Evolve Virtual Appliances provide far more than just connectivity. They run an Evolve Agent to provide you with remote security orchestration capabilities to dynamically turn your Evolve Virtual Appliance into any security capability that you need. You can remotely trigger your Evolve Virtual Appliance to orchestrate into an on-demand Incident Response Environment, an internal DevOps Application Security Testing Environment, or even orchestrate production security infrastructure for breach detection, such as a DNS Sinkhole with integrated Cyber Threat Intelligence feeds.
Since Evolve Virtual Appliances can be deployed across distributed environments, including globally distributed networks, you now have the capability to orchestrate on-demand security capabilities throughout your environment from a central console.
Gain access to an in-depth view of all of the security automation actions within your Evolve Account via Evolve Events.
Evolve Events provide:
- Evolve Module run-time information
- Evolve Workflow details
- Evolve Container data transfers
- Evolve Security Zone orchestration, scaling actions and currently running modules
- Evolve Agent events
- Evolve Credential events
- Evolve Dashboard and Chart orchestration
- Evolve NAT and VPN Gateway orchestration
- Evolve Service events and notifications
Evolve provides full traceability of actions performed so you can track the actions that have been performed.
Access and publish on-demand commercial grade security automation modules, workflows and intelligence. Optimize your costs with usage-based billing and monthly subscriptions by importing what you need, when you need it. MORE
Streamline your security through repeatable security automation patterns by defining chained automation modules, orchestrated security infrastructure and scalable storage, with automatically integrated intelligence data. MORE
Access and develop specialist security capabilities through modular code, and orchestrate security infrastructure through modular build configurations. Launch customized instances of modules in the cloud or distribute across your internal networks. MORE
Gain immediate and easy access to more complex security solutions, including Compromised Account Monitoring across 700 billion accounts, allowing your organization to automatically increase your security capabilities and reduce risk. MORE
Orchestrate scalable event-driven data storage that automatically triggers your security automation modules and workflows within the Evolve Cloud or across your distributed environments, whilst also enabling transparent intelligence sharing. MORE
Protected by the Evolve Certificate Authority, securely store credentials and generate encryption certificates for use with your security automation modules, workflows and infrastructure, allowing trusted access and encryption for your systems and data. MORE
Execute your security automation modules and workflows within on-demand, customized and isolated environments with dedicated and scalable compute and storage within any of the Evolve Global Regions to keep your data safe. MORE
Customizable drag-n-drop dashboards allow you to visualize and interact with your security automation data through the use of Evolve Chart Modules. Dashboards and charts can be defined, orchestrated and shared using Evolve Workflows. MORE
REMOTE ORCHESTRATION AGENTS
Evolve Agents extend the security automation and orchestration capabilities of the Evolve Cloud to all of your third-party cloud and on-premise networks, including Automated Incident Response, without the need to run on your endpoints. MORE
Evolve automatically generates pre-configured Evolve Virtual Appliances to be deployed into your corporate networks and on-premise data centers, supporting VMware or Hyper-V, and third-party cloud providers, including AWS and Azure. MORE
Gain access to an in-depth view of all of your security automation module and workflow actions, including detailed module run-time information, data transfers, currently running modules, orchestration and scaling actions, to provide full traceability. MORE
Evolve enables you to maximize your security budget by providing flexible usage-based billing for every Evolve Product. You can now optimize your security spend by balancing frequency, capacity, isolation, subscriptions and storage to meet your business needs.
Evolve allows your security budgets to remain fluid to map to your business needs throughout the year.
OPTIMISE YOUR COSTS WITH USAGE-BASED BILLING
Importing workflows and modules from the Evolve Marketplace has once-off usage charges per import to orchestrate your new capabilities
SECURITY ZONE USAGE
Evolve transparently optimizes usage charges related to the scaling of Security Zone infrastructure and storage in real-time
Evolve Workflow usage occurs when launching new workflows to orchestrate and chain your security automation modules and data
Evolve Modules are stored and executed on-demand and in real-time that incur usage. Optimize usage by reduced module executions
Evolve Service usage occurs upon scheduled or on-demand service execution. Minimize usage by reducing service calls
When storing and transferring data within Evolve Containers, usage charges can be optimized by compressing or expiring data
Evolve Agents allow distributed orchestration of modules on premise and in the cloud. Optimize usage by reducing the polling frequency
Generating and storing Evolve Dashboards incur usage to enable populating chart data from within Evolve Containers
Evolve Event usage enables you to keep track of all of the security automation actions and events within your accounts
FREQUENTLY ASKED QUESTIONS
WHAT IS AUTOMATED EXTERNAL INFRASTRUCTURE PENETRATION TESTING?
Evolve Automated External Infrastructure Penetration Testing will automatically collect and generate intelligence about your organisation, employees and systems that can be used by attackers to compromise your organisation. This includes identifying your most exposed employees, leaked usernames and passwords, compromised systems, suspicious dark web communications, unknown domains, systems and geographic locations.
This continues into the active testing phase that includes exposed system and software fingerprinting, real-time exploit and malware identification, automated vulnerability identification and attacks, followed by intelligent and automated exploit configuration and exploitation.
The combined results of these phases are then used to automatically prioritize the vulnerabilities that are most at risk of being exploited to ensure that your security team dedicates their time to remediating real risks to your business.
HOW DO I GET STARTED?
The first step is to register for an Evolve Account. You will then have access to the Evolve Marketplace where you can subscribe to the Automated External Infrastructure Penetration Testing solution. Simply import this automation workflow into your Evolve Account.
You can follow the Getting Started Guide to then schedule your first Automated External Infrastructure Penetration Test workflow instance. The results will automatically be displayed in the corresponding Evolve Dashboard.
IS THE AUTOMATED EXPLOITATION FEATURE SAFE?
Evolve Automated External Infrastructure Penetration Testing is designed to automatically identify in real-time the latest available exploits on the internet for the vulnerabilities that have been identified on your systems.
These exploits are then automatically analyzed to identify if the exploit is known to trigger a Denial of Service condition, in which case you will be notified of the exploit and the execution will be skipped.
On top of this, exploits are automatically classified to determine their maturity and quality level to ensure that only exploits classified as safe are launched against your systems.
Other contextual information about your environment is also used to configure the exploits in the best possible way using the information available.
GETTING STARTED WITH
EVOLVE SECURITY AUTOMATION
STEP 1: REGISTER AN EVOLVE ACCOUNT
Congratulations for deciding to mature and streamline your security capabilities and maximize your security budgets. Your first step is to simply register for an Evolve Account using the Register button on the Evolve website.
STEP 2: LOGIN TO YOUR EVOLVE ACCOUNT
Now that you have an Evolve Account, login using the Sign-In button on the Evolve website. This will take you to the Evolve welcome screen.
STEP 3: SETUP YOUR EVOLVE BILLING
Evolve subscriptions and usage-based bills are charged via credit card.
- Setup your payment method via the Billing feature located under your Profile Menu towards the top right-hand corner of your Evolve Account.
- Select the “Add Payment Method” button that will load the Evolve Secure Payment Gateway page where you can add your credit card details.
- As part of our fraud-prevention controls, your credit card will be charged a nominal amount that you need to enter to verify your credit card before it can be used for payments.
Your Evolve Account is now setup and you are ready to mature your security.
STEP 4: SELECT YOUR EVOLVE REGION
Evolve is a specialist security automation cloud, which means that it has globally distributed infrastructure enabling geographic security controls allowing you to keep your data and processing within the geographical regions aligned to your business needs.
- Select your Evolve Region in the top right-hand corner of your Evolve Account.
Any actions you take will occur within your selected Evolve Region.
STEP 5: EVOLVE MARKETPLACE
The Evolve Security Automation workflows are available in the Evolve Marketplace. Simply import the workflows into your Evolve Account with the following steps.
- To get to the Evolve Marketplace, navigate to the Marketplace side-menu.
- Whilst in the Evolve Marketplace, locate the Evolve workflows that interest you by either selecting the corresponding category, such as “Penetration Testing” and browsing through the available workflows, or by searching for a keyword, such as “incident response”.
- Click on the marketplace item that interests you to review the overview of the workflow, workflow usage and any pricing information.
- Click the Import button and step through the import steps.
- You will then be redirected to the Imports page.
- You may need to use the Reload button to see your newly imported workflow.
Once the import status changes from “Pending” to “Available” you have successfully imported this security automation workflow and added this specialist security capability to your business.
You should now visit the corresponding Evolve Solutions page on the Evolve Website to understand the workflow capabilities and “Getting Started” guide.