The purpose of the assessments & testing is to map the cyber resilience of an ICT (customer) environment. We then analyze the results of these assessments and can, at the request of the customer, work out the measures to be taken with the appropriate prioritization based on risks. Which assessments do we offer?
CIS CONTROL ASSESSMENT
IT RISK ASSESSMENT
A CIS Critical Security Control assessment is often a repeated yearly check of the security controls present in the IT environment. The purpose of this assessment is to identify gaps in security and to correlate these gaps with the customer indicated business risks, and help the customer prioritize their security projects and investments for the next calendar year.
All Endpoints (laptops, workstations, servers, etc..) are actively scanned for vulnerabilities. These scans reveal whether and which Endpoints contain vulnerabilities and what a customer needs to do to resolve them. The results of this investigation are then translated by our analysts and specialists into risk-based actions to be taken.
AD SECURITY ASSESSMENT
ACTIVE DIRECTORY RISK ASSESSMENT
50% of organizations experienced an Active Directory (AD) attack in the last two years. Together with ourselves and our partner CrowdStrike, you can win against adversaries. The CrowdStrike Falcon Platform is the first and only unified security platform in the industry to seamlessly combine advanced endpoint security with real-time identity protection to comprehensively stop breaches. Contact us for a Active Directory Risk Assessment to secure your AD against modern attacks that can bypass traditional end point-only solutions.
ATTACK SURFACE MANAGEMENT SCAN
Attack surface management is the continuous discovery, monitoring, evaluation, prioritization, and remediation of attack vectors within an organization’s IT infrastructure. While similar in nature to asset discovery or asset management, often found in IT hygiene solutions, the critical difference in attack surface management is that it approaches threat detection and vulnerability management from the perspective of the attacker. In so doing, the organization is driven to identify and evaluate risk posed not just by known assets, but unknown and rogue components as well.
CLOUD SECURITY ASSESSMENT
CLOUD SECURITY RISK ASSESSMENT
The Cloud Security Assessment provides actionable insights into security misconfigurations and deviations from recommended cloud security architecture to help clients prevent, detect, and recover from breaches.
Our Penetration Testers simulate real-world attacks on different components of your IT environment to test the detection and response capabilities of your people, processes and technology and identify where vulnerabilities exist in your environment. We work according to three testing methods: Black Box, Grey Box, White Box.
ASSUMED BREACH ASSESSMENT
A compromise assessment, otherwise called an assumed breach assessment, starts from the assumption that attackers have been active in the environment. This is an extensive technical scan checking for well-known techniques and artifacts indicating attackers activity. We aim to answer the question “was the enterprise breached?”. We strongly advise such a comprehensive scan in case of a new take-over or business merge, to establish a relation of trust with the new entity. The results of this scan can be used as well to prioritize further security measures needed in the organization.