Technical analysis of network traffic to detect threats, policy violations and data protection issues though continuous forensic monitoring.
The network security assessment is a fixed engagement designed to technically assess an organisations current security standpoint. Most organisations focus heavily on preventative solutions and assessing vulnerabilities but have the lack of visibility to understand user and network activity and whether they are already in a state of compromise. Our security assessment is a comprehensive layered approach using forensic monitoring with multiple threat detection techniques.
FEATURES
Full Packet Capture
Recording of network activity for network forensic analysis and threat hunting.
Activity Profiling
Statistical profiling of user and network activity to identify trends and anomalies.
Threat Intelligence
Detection of communication with known bad (blacklisted) hosts.
Intrusion Detection
Threat detection using an IDS engine running commercial threat feeds.
Implementation
Deployment of a sensor to perform inspection of all inbound and outbound traffic.
Alerting
Ad-hoc alerting upon notable detection of security threats.
Reporting
Comprehensive reporting detailing all notable findings throughout the assessment with recommendations and advisories, delivered in hard and electronic formats.
Presentation
Both high and low-level presentation of findings to technical team’s executive team.
Cost
Fixed engagement cost including implementation, provision of a sensor, extraction and secure wipe.