Our breach assessments utilize a heuristic-based approach to identify adversary activity operating within your network. Leveraging known adversary actions outlined in MITRE’s ATT&CK Framework, our analysts and toolsets focus on surfacing the indicators specific to the customer environment. Regardless of the adversary TTPs used, we will be able to detect some of the most sophisticated adversaries operating today.
Whether you are experiencing an active breach or you are looking to determine what happened after the fact, our team will be able to assist in resolving even the most devastating of compromises. Our experts are trained in timeline creation, forensics support, and log analysis to trace an adversary’s actions and provide a full picture of the actions taken. We will integrate into your incident response methodology and assist as needed.
A full planning exercise tailored to achieve maximum impact of the assessment
Real-time communication and collaboration during the assessment execution window
Executive- and technical-level briefings with your staff to outline findings, observations, and the attack chain
Comprehensive write-ups in a full report detailing every facet of the engagement – all potential entry vectors and entry attempts will be documented
Recommendations of areas to increase visibility so that a future breach will not be missed