Compromise Assessment
COMPROMISE ASSESSMENT SERVICES – THREAT HUNTING
In this age where companies big and small are often compromised and data leakage occurs, how confident is your organization that your network or endpoints are safe?
Are you confident there is no malware, and no advanced persistent attacks or threats, lurking in your organisation?
Fortiedge combines our extensive experience responding to intrusions carried out by advanced threat actors with threat intelligence to:
Identify your ongoing or past intrusions
We provide insight into attacker attribution and motivation so organizations know if they are being targeted.
Assess risk by identifying weaknesses in your security architecture, vulnerabilities, improper usage or policy violations and system security misconfigurations, and increase your ability to respond effectively to future incidents.
We identify security architecture and configuration weaknesses, including missing patches or security software.
We recommend strategic options that can better prepare your organization’s security team to respond to intrusions.
How do we do it?
Typically, threat hunting works via one of these ways:
- Endpoint Detection & Response (EDR)
- User Entity Behaviour Analytics (UEBA)
- Forensic State Analysis (FSA)
Most solutions consist of an endpoint agent data collector (although some use an agentless approach) and a management server, either cloud-based or on-premises, that provides a central data repository, a management interface and detection engines.
Most are also supported by a cloud-based source of Indicators of Compromise (IOCs) and information on attack patterns. Many include the capability to ingest third-party feeds (for example, Norse, iSIGHT Partners, OpenDNS, Soltra, ThreatStream, YARA). Some solutions also offer network agents to detect suspicious network traffic patterns.
Our consultants have years of experience and have gone through offensive security training, which helps them piece together what is happening in your organisation.
What you can hope to achieve in this compromise assessment (if any):
- Detection Of Incidents
- Confirm and Prioritise Risks
- Contain Incidents
- Remediation
What you will gain from this assessment:
- Analysis of issues affecting the systems.
- Identification of compromised systems
- Report of attacker activity
- Summary of findings