Understanding our service
Assume Breach
An assume breach test takes a different approach to penetration testing. Instead of focusing on the external network, we focus on the internal network.
This is done by simulating a real life scenario where an employee is breached and the attacker has access to the employee's computer.
The attacker can then use the employee's computer to pivot into the internal network and gain access to sensitive data.
- Simulate an employee being breached
- Detect how your network handles an attacker on the inside
- Get an overview of how to better lock down your network.
How is is achieved?
Methodical approach
In practice, we place a device on the internal network and simulate an employee being breached. This is simply done by
plugging the device into the network. From here our attacks can begin as if we were a user on the network.
We might get a low privileged domain joined user, to simulate an actual domain joined machine being breached.
From here the test is customized towards the objectives set by the client and us.
Our team is constantly researching new techniques and methods to ensure that we are always up to date with the latest threats.
- Place our machine on internal network
- Employ state of the art attach techniques
- Ongoing communication to ensure test quality
What is the deliverable?
Actionable results
These test are not worth anything if the results are not actionable. We deliver a report with a high level presentation for management and a detailed report for the technical team.
This ensures that the management can understand the risk and the technical team can act on the results.
When the project commences, we will deliver a high quality presentaion with a slide deck to further strengthen the results.
- Management report for management to understand the risk
- Technical report with actionable mitigation strategies
- Slide presentation with Q&A rounds.