ZAIUX® Evo is a Full Cloud platform, providing a sophisticated service of Breach and Attack Simulation (BAS) to IT infrastructures. The execution is optimized by Artificial Intelligence to emulate the evasive behaviour of a human Red Team, thus executing realistic and fully automated ethical hacking processes, concretely testing security holes in the target network.

Unlike an Internal Penetration Test, which limits itself to executing techniques within the network, our BAS emulates a real intrusion. This means that the whole defense chain is validated against a targeted attack coming from the outside, which brings out all vulnerabilities both in Privilege Escalation prevention within the domain and in data exfiltration protection.

How does ZAIUX® Evo work?

ZAIUX® Evo is the first solution providing a complete and realistic simulation of an intrusion in a MS Active Directory environment, exploiting a regularly updated range of the most modern and advanced hacking techniques, run in stealth mode to emulate a human approach. Automation is managed Machine Learning models integrated in the DPZR™ engine, specially developed to emulate the behaviour of an expert human hacker, breaking down the time barrier of manual execution.

Through Artificial Intelligence, the system’s response is shaped by adaptive algorithms according to the attack surfaces emerging from the scans, all in a fully automated way.

ZAIUX® Evo is an intelligent Full Cloud platform which generates, for each assessment, an isolate sandbox, associated with an initialization package which can be directly executed from any endpoint of the target network, without installing any agent.

Ease of use

Configure and monitor a BAS in a few simple steps, directly from the MSSP portal, without installing any agents on the endpoints

A Virtual Red Teams at your service

Execute orchestrated techniques against weaknesses in the target network, obtaining better performances compared to a manual Penetration Test

No false positives

Gain insight on the real critical spots, concretely exploitable by an attacker, thus prioritizing your remedial actions.

Clear and optimized reporting

Receive a clear and concise report, which shows the attacks successfully performed, referring to the MITRE ATT&CK framework.

For the most advanced users, the ZAIUX® suite also includes ZAIUX® Framework: a Command-and-Control software designed for authorized Red Team Operations.

ZAIUX® Framework comes with a vast set of out-of-the-box evasive techniques, leaving the operators only the duty to perform the offensive operations in a safe and under-the-radar environment.