"Get hacked!" - Practical cybersecurity assessment of your IT network.
Enhance the security posture of your organisation by conducting a simulated compromise of your internal network.
This is a hands-on review of the organisation's security posture. During the engagement, we will perform lateral movement and escalate privileges to demonstrate how cybercriminals might compromise key parts of your organisation.
The final product is a report with all issues found and recommendations for remediation, mitigation, and risk reduction.
All findings are provided with CIS 18 and MITRE ATT&CK references wherever applicable.
Practical cyber security assessment of your IT network and IT security governance structures.
Understand the overall maturity of your security controls from governance to technical implementation.
This engagement starts with an assumed breach engagement to gather knowledge about the organisation's technical cybersecurity maturity. The technical background is combined with a review of the governance structures and documents to inform an evaluation of the overall maturity of your organisation.
The final product is a report detailing issues and areas of improvement, along with Business Impact Assessments (BIAs) of a couple of key systems.
We use the NIS2 or NIST CSF framework for the overall governance structure, the CIS18 framework for the assessment of security controls and CMMI for the maturity level.
Other frameworks can be used on request.
Practical cybersecurity assessment of multiple companies with reporting to group management.
Gain insight into the security posture across a portfolio of companies and subsidiaries.
Multiple "Assumed Breach Assessments" or "Governance Security Assessments" will be combined across multiple companies. To assess the individual security of entities.
These will be combined into an overall assessment of the portfolio as a whole. Resulting in a report for each entity and a report for the parent company detailing the individual risks and the risks as a whole.
Practical cybersecurity assessment of your web applications.
The Application Security Assessment (ASA) is an assessment of the overall security of an application created by your organization. The assessment is based on the OWASP top 10 and Web Security Testing Guide (WSTG) and assesses if attackers could abuse misconfigurations, vulnerabilities, logic flaws, etc. to compromise your application(s). The final product is a report with all issues found and recommendations for remediation and/or mitigation for these.
