🧪 Automated Attack Simulation

ShieldCraft AI leverages AWS-native and GenAI-powered attack simulation to proactively validate your cloud security posture. By emulating real-world adversarial techniques, including ransomware, privilege escalation, lateral movement, and data exfiltration, ShieldCraft AI enables continuous control validation and rapid identification of gaps before they can be exploited.

Key Features

  • Continuous, scheduled, and on-demand simulations using AWS services and custom playbooks
  • GenAI-driven scenario generation for novel, polymorphic attack chains
  • Deep integration with AWS security and automation services:
    • AWS Lambda: Executes attack playbooks and remediation actions in isolated, ephemeral environments for safe testing.
    • AWS Step Functions: Orchestrates complex, multi-stage attack scenarios and response workflows, enabling parallel execution and granular control.
    • Amazon GuardDuty: Detects simulated threats in real time, validating detection coverage and alerting efficacy.
    • AWS Security Hub: Aggregates findings from GuardDuty and other sources, providing unified visibility and compliance reporting.
    • Amazon CloudWatch: Monitors simulation activity, tracks metrics, and triggers automated responses or alerts based on defined thresholds.
  • Automated remediation for detected gaps, leveraging Lambda and native AWS controls
  • Comprehensive reporting and audit trails for compliance and continuous improvement

How It Works

  1. Scenario selection from a library of AWS-specific attacks or custom GenAI-generated scenarios
  2. Simulation execution in isolated environments using AWS Lambda, Step Functions, and custom scripts
  3. Detection and response validation via GuardDuty, Security Hub, and CloudWatch
  4. Automated remediation and detailed reporting
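
Step 3, detection validation, comes down to correlating each simulation run with the findings it should have produced. The following is an added example, not ShieldCraft AI's own code: the run records, resource ARNs, and 15-minute detection window are assumptions, and the findings are constructed samples that use the ASFF fields `Types`, `Resources`, and `CreatedAt`.

```python
from datetime import datetime, timedelta

ACCT = "111122223333"  # constructed account id
ROLE = f"arn:aws:iam::{ACCT}:role/sim-target"
BUCKET = "arn:aws:s3:::sim-bucket"
HOST = f"arn:aws:ec2:us-east-1:{ACCT}:instance/i-0sim"

# Constructed simulation runs (hypothetical record shape): scenario name,
# isolated target resource, start time, and the finding type expected.
RUNS = [
    {"scenario": "privilege-escalation", "resource": ROLE,
     "start": "2024-05-01T10:00:00Z", "expect": "TTPs/Privilege Escalation"},
    {"scenario": "data-exfiltration", "resource": BUCKET,
     "start": "2024-05-01T10:05:00Z", "expect": "Effects/Data Exfiltration"},
    {"scenario": "lateral-movement", "resource": HOST,
     "start": "2024-05-01T10:10:00Z", "expect": "TTPs/Lateral Movement"},
]

# Constructed findings, reduced to the ASFF fields the correlation needs.
FINDINGS = [
    {"Types": ["TTPs/Privilege Escalation"], "Resources": [{"Id": ROLE}],
     "CreatedAt": "2024-05-01T10:03:00Z"},
    {"Types": ["Effects/Data Exfiltration"], "Resources": [{"Id": BUCKET}],
     "CreatedAt": "2024-05-01T10:40:00Z"},  # arrives after the window
    {"Types": ["TTPs/Lateral Movement"], "Resources": [{"Id": HOST}],
     "CreatedAt": "2024-05-01T09:50:00Z"},  # predates the run: unrelated
]

def _ts(value):
    # The samples use second precision; real timestamps may carry fractions.
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def coverage(runs, findings, window=timedelta(minutes=15)):
    """Map each scenario to its detection latency in seconds, or None."""
    report = {}
    for run in runs:
        start = _ts(run["start"])
        latencies = [
            (_ts(f["CreatedAt"]) - start).total_seconds()
            for f in findings
            if run["expect"] in f["Types"]
            and any(r["Id"] == run["resource"] for r in f["Resources"])
            and start <= _ts(f["CreatedAt"]) <= start + window
        ]
        report[run["scenario"]] = min(latencies) if latencies else None
    return report

def gaps(report):
    """Scenarios with no matching finding inside the window."""
    return sorted(name for name, latency in report.items() if latency is None)
```

A finding counts only if it names the simulated resource, carries the expected type, and is created after the run starts, so stale or unrelated alerts do not mask a detection gap.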

Architectural Insights

  • Modular, cloud-native design built on AWS CDK, Lambda, and Step Functions
  • Safe, isolated testing with no impact to production workloads
  • Extensible playbook library for evolving threat models
  • Continuous feedback loops for ongoing improvement
