Compromise Assessments

Whether you suspect a breach or simply need peace of mind, Blackpanda threat hunting specialists perform a thorough, inside-out investigative sweep of your systems, identifying any signs of compromise to expose hidden threats in your environment.


Dwell Time

The length of time an attacker remains in an environment, from the time of access until they are eradicated.

  • 94 days: average dwell time, APAC 2019

  • >3 years: total dwell time of 10% of APAC cases in 2019


Cyber Security Threat Hunting

Cyber attackers often work quietly in the background, operating for months (or years) undetected in a target network. The longer a compromise goes unnoticed, the more damaging the impact on your business. Blackpanda threat hunting specialists assist with the detection and identification of potential breaches to a client’s network—uncovering hidden threats and prioritizing action for remediation.
 

Compromise Assessments vs. VAPT

While vulnerability assessments and penetration tests (VAPT) offer an “outside-in” check of your perimeter for cracks in your defenses, a Compromise Assessment approaches your environment from the inside-out, identifying any signs of abnormal behavior or malicious activity that may be hiding deep within your system.


The Value of a Compromise Assessment

  • DEFINE your organization’s threat landscape (strengths, weaknesses, vulnerabilities)

  • DETERMINE whether your organization has been breached

  • COMPLY with government-mandated requirements for assessment

  • ASSURE investors, customers, and other stakeholders of your security

Assessment Approach

WEEK 0: PLANNING PHASE

WEEK 1: DEPLOYMENT PHASE

WEEK 2-5: OPERATIONAL PHASE

  • Determine requirements

  • Arrange logistics & contacts

  • Identify high value targets

  • Choose technologies to deploy

  • Detection and logging platforms

  • Introduction and briefing meetings

  • Deploy sensors to endpoints

  • Deploy network sensors to key ingress/egress points

  • Identify available log sources and stage threat hunts

  • Confirm sensors are collecting all relevant data

  • Begin PCAP capture schedule

  • Carry out forensic analysis of gathered artifacts

  • Analyze network data for anomalies

  • Initiate threat hunts against available data sources

  • Sweep the environment for indicators of compromise

  • Identify behavioral anomalies on endpoints

  • Identify misconfigurations and vulnerabilities

WEEK 6: REPORTING

  • Detailed findings

  • Prioritized remediation advice

  • Observations

  • Post compromise assessment briefings

  • Guidance and advice on future initiatives

Technologies

Our proprietary incident response technology simultaneously gathers initial forensic evidence and log data across all devices, resulting in faster response and increased efficiency during an investigation.

Our voice stress analytics technology is a sophisticated risk assessment tool for rapidly assessing the fidelity of verbal responses, matching results against digital forensics data for a more holistic understanding of the incident.

Qualifications

Our teams consist of an elite cadre of international special risk and security experts from international military special forces, intelligence, forensics and law enforcement backgrounds.


Copyright © 2020 Blackpanda.
All Rights Reserved.
