Our Compromise Assessment is a professional, proactive hunt for advanced threat actors operating in your network. We hunt for the actors and their malicious implants, evidence of threat actors using well-known system administrator tools for lateral movement and C2, and for threat actor tradecraft.
Our Compromise Assessment is designed to answer the following questions.
• Are you currently compromised?
• Were you previously compromised?
• Is there evidence of threat actor tradecraft?
• Are there suspicious DNS queries?
• Were known tools used to dump Active Directory credentials?
Our Compromise Assessment works by deploying our Endpoint Analytics client to your workstations and servers and our experts analyzing the scan results. In addition to searching for malicious processes, we also hunt for malware-less attacks and suspicious network activity, including suspicious DNS activity.
Our Compromise + Risk Assessment is our Compromise Assessment combined with a Risk Assessment designed to identify Host and Network risk factors that we have seem threat actors exploit over the years. Focus areas of the risk analysis include:
• Active Directory design
• Suspicious DNS activity
• Credential assessment and management
• Internet gateway design
• Advanced threat detection
• Resilience to social engineering
• Mission critical control review