
Compromise Assessments


Evaluate your current security posture

In the current cyber threat landscape, it is no longer a matter of “if” but “when” your organisation will experience a cyber-attack. With cyber resilience being a distant fantasy for most organisations, we have stepped up our game and now offer the Compromise Assessment Service, which focuses on proactively hunting for evidence of current or historical unknown security breaches, malware, and signs of unauthorised access within your environment.

Why you need a Compromise Assessment

Whilst conducting regular vulnerability assessments and penetration tests is important and helps prevent exploitation of gaps within your environment, these tests do not reveal whether your environment has already been breached by threat actors who have set up shop. Without full visibility into your entire estate, attackers may go undetected while they exploit your systems or pivot through them to launch attacks against other victims.

To achieve total confidence that your environment is indeed clean and patched up, your organisation needs to incorporate regular Compromise Assessments in addition to vulnerability assessments and penetration tests. This ensures that your organisation has a properly laid out roadmap to not only eradicate inherent vulnerabilities within your environment, but also confidently know your true security posture.

Our Compromise Assessment service is a comprehensive technical assessment that probes your security controls and entire environment for Indicators of Compromise and anomalous activities, which enables us to recommend the best courses of action you can take for remediation.

When threat actors manage to breach your first line of cyber defence, and get access to critical data, they also evade detection and cover their tracks to maintain access. Without a focused technical assessment, your organisation will not be able to mitigate the potential impact, nor answer questions like:

  • Have we been compromised before?
  • How bad was the compromise?
  • Does the threat actor still have access?
  • How is the threat actor maintaining that access?
  • Which data is being affected in the compromise?
  • Is our infrastructure being used for pivoting in attacks against other victims?

Why Choose This Service?

  • Validate the effectiveness of your current security controls.
  • Reduce the dwell time highly evasive adversaries can have in your environment.
  • Limit the impact of breaches on your organisation by detecting and remediating them earlier, before further damage is done.
  • Get free managed SIEM monitoring during the assessment period, complete with a customer portal so you can also have complete visibility over your entire infrastructure.

Our Approach

Proven approach to ensure your organisation's security posture is properly evaluated.

01

Scoping & Information Gathering

We first passively gather information to identify IOCs, and to map the scope of the assessment by identifying mission-critical systems that may have been exposed within your environment.

02

Deploying Our SIEM & Endpoint Monitoring Agents

We deploy our endpoint monitoring agents & log collector, which are managed and monitored by our SOC to monitor your entire environment, whether on-premises, cloud or hybrid.

03

OSINT Investigations

We perform OSINT investigations to find out if there is any chatter over information relating to your organisation on dark web forums, blogs, etc.

04

Analyse The Data & Your Internal Controls

We analyse the data pulled from the host devices in your environment, performing host and network forensics as well as malware and log analyses. We also assess and evaluate the effectiveness of the internal controls that your organisation has in place for securing your infrastructure.

05

Reporting & Remediation Guidance

Wrapping up the Compromise Assessment, we provide a detailed report that outlines the steps we took, our findings and recommendations to remediate the adverse findings.