Explore how attackers operate and their favorite tools and targets in our new SANS research. Get the Report ›

Ransomware Scenario Emulation Report with Illumio

Illumio, Inc. engaged Bishop Fox to measure the effectiveness of Illumio Core for blue teams to detect and contain a ransomware attack. The report details the findings identified during the course of the engagement, which started on March 10, 2022.

Ransomware scenario emulation report cover page and preview with ransomware readiness seal.

As ransomware attacks reign supreme, security teams must implement modern approaches to protecting dynamic, hybrid IT environments. Ransomware will get in — but with technology like Illumio's Zero Trust Segmentation, breaches don't equate to a cyber disaster for your organization. Just how effective is Zero Trust Segmentation in detecting and containing a ransomware attack? Red team specialists from Bishop Fox conducted emulated attacks to measure the effectiveness of Illumio Core against active ransomware threats, using common tactics, techniques and procedures (TTPs). 

This report details how Bishop Fox validated Illumio's Zero Trust Segmentation in rendering attackers ineffective in less than 10 minutes and complements endpoint detection and response (EDR) solutions. 

The goals of the ransomware simulation engagement included:

  • Determining realistic metrics to measure the effectiveness of the Illumio Core product against a ransomware attack
  • Develop an attack methodology based on real threat actors’ tactics, techniques, and procedures (TTPs) to attack the test environment
  • Execute attack emulations on the test environment based on the developed methodology to gradually measure the effectiveness of Illumio Core in detecting and responding to a ransomware attack

For more information on Bishop Fox Ransomware Simulations, please visit our service page.


Trevin Edgeworth

About the author, Trevin Edgeworth

Red Team Practice Director

Trevin Edgeworth is the Red Team Practice Director at Bishop Fox, where he focuses on building and leading best-in-class adversary emulation services to help customers of all sizes and industries strengthen their defenses against current and emerging threats.

Trevin has over 20 years of security experience; he has built and overseen red team programs for several Fortune 500 companies, including American Express, Capital One Financial, and Symantec Corporation. Other accomplishments include leading a security organization as Chief Security Officer (CSO) for a major security company. Trevin has led a variety of security functions in his career, including cyber threat intelligence, hunt, deception, insider threat, and others.

Trevin is an active member of the security community. He has presented at several industry conferences and been interviewed by leading publications on topics such as red teaming and threat intelligence.

More by Trevin

Paul Dant BF Headshot

About the author, Paul Dant

Senior Director of Cybersecurity Strategy at Illumio

Paul Dant is the Senior Director of Cybersecurity Strategy at Illumio. With over thirty years of focused security research and consulting, Paul Dant has vast knowledge of today’s security landscape that he augments with deep technical understanding. In practice, Paul specializes in building pragmatic security solutions, guiding some of the largest enterprise organizations in the world to build effective security programs. Prior to joining Illumio, Paul was Vice President of Security Product Management at Digital.ai, Senior Security Engineer at Arxan Technologies, and Chief Strategist and Managing Principal at Independent Security Evaluators.

More by Paul

Extend Your Knowledge

Check out these related resources.

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.