An assume breach test takes a different approach to penetration testing. Instead of focusing on the external network, we focus on the internal network. This is done by simulating a real life scenario where an employee is breached and the attacker has access to the employee's computer. The attacker can then use the employee's computer to pivot into the internal network and gain access to sensitive data.
In practice, we place a device on the internal network and simulate an employee being breached. This is simply done by plugging the device into the network. From here our attacks can begin as if we were a user on the network. We might get a low privileged domain joined user, to simulate an actual domain joined machine being breached. From here the test is customized towards the objectives set by the client and us. Our team is constantly researching new techniques and methods to ensure that we are always up to date with the latest threats.
These tests are not worth anything if the results are not actionable. We deliver a report with a high level presentation for management and a detailed report for the technical team. This ensures that the management can understand the risk and the technical team can act on the results. When the project commences, we will deliver a high quality presentation with a slide deck to further strengthen the results.
Let's discuss how we can help you identify internal vulnerabilities before a real breach occurs.
GET IN TOUCH →Let's discuss how we can help you identify and fix vulnerabilities before attackers do.
GET IN TOUCH →