TrustedSec’s Breach Assessment service combines proprietary methods for discovering compromises within an environment in an efficient and proactive manner.
In order to determine is a breach has occurred previously or is actively in progress within an organization, we focus on core areas of the network, endpoints, and server infrastructure as well as analyze network traffic, servers, and workstations. TrustedSec relies heavily on the ability to replay traffic data and perform behavioral recognition to uncover techniques utilized by attackers.
This method is often referred to as “hunt teaming,” which aims to identify existing intrusions into the organization.
TrustedSec’s correlation engine extends beyond traditional methods.
The correlation engine analyzes large volumes of data, identifies both known and unknown indicators of compromise (IoCs), focuses on several behavior patterns used for compromising systems, performs lateral movement, and conducts command and control (C2) communications.
The correlation engine focuses on rapidly identifying threats within vast amounts of data and focuses on identifying root causes of the potential compromise. Upon completion of the assessment, organizations will have a clear understanding of previous and ongoing breaches, the threat they pose to the organization, and a defined remediation strategy.
Included in the report is a comprehensive review of the infrastructure to determine breach patterns and to ensure a full threat profile on the attacker.
TrustedSec will perform the following exercises to determine whether a breach has transpired:
- Perform threat and, as needed, forensic analysis of the peripheral environment
- Understand the how, who, when, where, and why of the incident
- Classify current and residual risk from the incident
- Assess the flow of data within the client environment to determine potential related issues of security concerns
- Identify C2 infrastructure as data exfiltration is occurring
- Develop incident summary and recommendations on risk management options
Talk with an Expert
Author: David Kennedy
Security expert, keynote speaker, avid gamer and the go-to for protecting companies from threats.