Illumio, Inc. engaged Bishop Fox to measure the effectiveness of Illumio Core for blue teams to detect and contain a ransomware attack. The following report details the findings identified during the course of the engagement, which started on March 10, 2022.

GOALS:

• Determine realistic metrics to measure the effectiveness of the Illumio Core product against a ransomware attack
• Develop an attack methodology based on real threat actors’ tactics, techniques, and procedures (TTPs) to attack the test environment
• Execute attack emulations on the test environment based on the developed methodology to gradually measure the effectiveness of Illumio Core in detecting and responding to a ransomware attack