Whether you suspect a breach or simply need peace of mind, Blackpanda threat hunting specialists perform a thorough, inside-out investigative sweep of your systems, identifying any signs of compromise to expose hidden threats in your environment.
Dwell time: the length of time an attacker remains in an environment, from the time of access until they are eradicated
average dwell time, APAC 2019
total dwell time of 10% of APAC Cases in 2019
Cyber Security Threat Hunting
Cyber attackers often work quietly in the background, operating for months (or years) undetected in a target network. The longer a compromise goes unnoticed, the more damaging the impact on your business. Blackpanda threat hunting specialists assist with the detection and identification of potential breaches to a client’s network—uncovering hidden threats and prioritizing action for remediation.
Compromise Assessments vs. VAPT
While vulnerability assessments and penetration tests (VAPT) offer an “outside-in” check of your perimeter for cracks in your defenses, a Compromise Assessment approaches your environment from the inside-out, identifying any signs of abnormal behavior or malicious activity that may be hiding deep within your system.
The Value of a Compromise Assessment
your organization’s threat landscape (strengths, weaknesses, vulnerabilities)
whether your organization has been breached
with government-mandated requirements for assessment
investors, customers, and other stakeholders of your security
Arrange logistics & contacts
Identify high value targets
Choose technologies to deploy
Detection and logging platforms
Introduction and briefing meetings
Deploy sensors to endpoints
Deploy network sensors to key ingress/egress points
Identify available log sources and stage threat hunts
Confirm sensors are collecting all relevant data
Begin PCAP capture schedule
Carry out forensic analysis of gathered artifacts
Analyze network data for anomalies
Initiate threat hunts against available data sources
Sweep the environment for indicators of compromise
Identify behavioral anomalies on endpoints
Identify misconfigurations and vulnerabilities
Prioritized remediation advice
Post compromise assessment briefings
Guidance and advice on future initiatives
Our proprietary incident response technology simultaneously gathers initial forensic evidence and log data across all devices, resulting in faster response and increased efficiency during an investigation.
Our voice stress analytics technology is a sophisticated risk assessment tool for rapidly assessing the fidelity of verbal responses, matching results against digital forensics data for a more holistic understanding of the incident.