Widefoot Enterprise Emulation Environment
A deficiency of scientific rigor in cybersecurity research and the difficult challenges of “test driving” cybersecurity tools in a production environment contribute to the rising cost and inefficiency of cybersecurity today. In response, PNNL developed the Widefoot Enterprise Emulation Environment.
Different from a typical testing, evaluation, or simulation environment, Widefoot realistically encompasses the whole enterprise, emulating real-world activity by combining workflows and enterprise operations. This provides emulations that more closely represent production environments in a way that traditional simulations cannot.
What sets Widefoot apart:
- Rapid instantiation of enterprises - Catalogs of reusable blueprints, like those used in building construction, enable Widefoot to quickly and effectively instantiate enterprise environments.
- Realistic operational environments - Real-world operational decisions have major impacts on the overall security posture of the enterprise. Widefoot provides support for real user and abuser behavior, delivering techniques for analyzing behavior and addressing key stakeholder questions.
- Knowledge through emulation - Widefoot’s emulations can reveal areas of vulnerability, define remediations and configuration changes, and demonstrate the impacts of implemented changes—all enabling informed cybersecurity and risk decisions.
- Barleycorn metrics framework - Barleycorn metrics provide a quantitative understanding of the effectiveness of security implementations, empowering decision makers and further informing key stakeholders.
Informed Decision-Making, Improved Security
Widefoot and Barleycorn metrics provide representation, repeatability, usability, and flexibility to establish safe production-like environments for critical emulations. Results from these emulations allow stakeholders to make better-informed cybersecurity decisions and investments, reducing operational risk and improving the overall security posture.