Compromise Assessment

Comprehensive Forensic Analysis for an In-depth Understanding of Overall Cyber Posture

What is it?

In most cases, post cyber-incident investigations reveal that evidence of a potential
attack existed prior to the incident taking place. With a more proactive approach to
cybersecurity, organisations can ensure vulnerabilities and indicators of compromise are
discovered early to prevent future incidents.

This is where Compromise Assessment comes in. Compromise Assessment provides a
comprehensive forensic analysis of an organisations cybersecurity posture by providing:

• Full Asset Discovery

• Detection of cyber threats/indicators of Compromise

• Analysis of flaws in IT and cybersecurity operations

• Technical evidence of compliance measures & deviations that need to be corrected

Why should you use it?

Compromise Assessment is suitable for anyone who is looking to take a more proactive
approach with their cyber strategy.

While organisations are likely to already have a cybersecurity strategy in place (SIEM,
Vulnerability Assessment, Pen-Testing, Anti-Virus) these are not always 100% effective.
Compromise Assessment is complementary to existing cybersecurity solutions and aims
to detect threats that may have not been picked up by them. This allows for remediation
measures to be implemented quickly before these gaps are identified and exploited by
attackers.

We provide Compromise Assessment much different than under traditional methods
which typically occur on-site and take anywhere from 10-12 weeks to complete. We
automate the whole process allowing a forensic analysis to be conducted remotely from
anywhere in the world in a matter of hours/days.

How does it work?

Firstly, the artefact collector module collects all available log data from the Windows
servers and devices on the network. The data is then double encrypted before being
uploaded to the analytics engine.

Once uploaded to the analytics engine, using a combination of AI & ML algorithms the log
data is analyzed against a database of proprietary cyber threat models in order to
identify any vulnerabilities that exist on the network.

Once the analysis is completed, the engine generates a final Compromise Assessment
report which can be mapped to industry standards such as CIS etc. The final report will
provide an in-depth understanding of your infrastructure by showing:

• Has a compromise taken place or what the likelihood for this to happen is

• Weak areas or practices which need to be addressed

• Behavioral analysis and context behind findings

• Recommended next steps for remediation

 

Benefits

  • Minimise Dwell Time:

Identify vulnerabilities early and take corrective immediately to minimise the cost of a potential breach.

  • Rapid Results:

Automated approach ensures the assessment and final report can be delivered within 1 week, compared to 8-12 weeks under traditional methods.

  • Improve Future Cyber Posture:

Our final report provides detailed recommendations which will help improve your organisations overall cyber
posture and further your ability to effectively respond to future incidents.

  • Free Up Valuable Resources:

Automated approach reduces the time associated with the assessment by up to 70%
meaning you won’t have to overcommit valuable  resources.

 

STIC – Compromise Assessment Brochure