Compromise Assessment
We take a snapshot of your network - and find hidden intruders, bots & backdoors
Four weeks, one test: stop assuming, get confirmation!
Orange Cyberdefense's Compromise Assessment is a unique service that allows you to check your IT infrastructure for the presence, traces and activities of professional attackers.
This service has helped organizations identify a wide variety of industrial espionage cases, some of them serious, that in some cases have gone undetected for months, resulting in loss of intellectual property and financial damage.
Experience ensures success
Our experience is based on the daily analysis of attacks in our Security Operations Centers (SOCs) and a large number of compromise assessments, in which we were able to reliably detect reconnaissance behavior, malware, bots, backdoors, CnC communication, data leaks, etc and were able to regularly identify a wide variety of indicators (IoC) in all phases of a targeted attack.
To do this, we record both incoming and outgoing Internet traffic as well as inter-segment traffic within the network and analyze it for IoCs. Typical host-peer relationships are clustered and the normal interactions filtered out by baselining. Behavior that deviates from this comes to light more clearly because the typical patterns of the propagation techniques used (brute force, replication, Kerberos accounts scans, Power Shell scripting, SQL injection, etc.) can be identified.
The Compromise Assessment is an unconventional, innovative and contemporary risk management measure that really gives you certainty:
- Reliable detection of ongoing attacks
- Detection of installed malware
- Identification of the motive and origin of the attacks
- Detection of persistent backdoors on end systems
- Proof of the initial attack vector and lateral spread via compromised systems/accounts
- Strategic advice and technical support