Digital Forensics and Incident Response
Compromise Assessment
A compromise assessment actively looks for threats in your network. This is also variously known as Threat Hunting or a Hunt Forward Operation. CyberCX can deliver these engagements as a sovereign New Zealand capability.
Cyber security is not static. Cyber threats evolve, vulnerabilities are discovered, networks are modified and services and products are added or retired. Being able to demonstrate confidence in the security of your network to boards, shareholders and executive has become a critical function of cyber security teams. With organisations relying heavily on existing or outsourced capabilities, an independent compromise assessment can provide you with the evidence to demonstrate the security of a network.
Benefits of a Compromise Assessment
Assurance of your security
We actively investigate for evidence of cyber security incidents on your network. The outcome of which provides assurance that nothing has slipped through your security and waits undetected to cause you harm.
Independent analysis
As an independent party we can provide you and your organisation a view of the security of your network with new tools and fresh eyes. We focus on the internal network not the perimeter.
Commitment to security
The outcome of the compromise assessment will provide evidence to demonstrate your commitment and success at securing your organisation’s network and your customer data.
What is a Compromise Assessment?
A Compromise Assessment gives a comprehensive and holistic overview of organisation’s network to try and answer one question – are we breached? We do this by proactively searching for threats on your systems by deploying advanced capabilities at scale across your estate. Our experienced team of professional Digital Forensics and Incident Response (DFIR) investigators go through evidence and telemetry available on your network – looking both at the current state, as well as reviewing available data to search for signs of historical intrusions and indicators of compromise. This lets us see if malicious actors in the past have gained access or, or worse – remain undetected.
Compromise Assessments allow you to speak with confidence about your security posture and your status to internal or external stakeholders. They allow you to identify and contextualise risks – and unlike other types of assessments, can find actualised threats rather than hypotheticals. Even a Compromise Assessment returning a clean bill of health helps to prove the posture of an organisation is effective.
Compromise Assessments are point-in-time engagements – and will likely differ from traditional threat hunting processes a Security Operation Centre (SOC) uses by leveraging different telemetry sources, more advanced capabilities and a different scope.
Ready to get started?
Determine if your organisation has suffered a breach with a Compromise Assessment from the largest and most experienced DFIR team in the region
CyberCX Compromise Assessments
Investigation
Analysis by our team of leading incident response experts to identify, analyse and investigate unknown malicious activity on your organisation’s network.
Customisable
Our compromise assessments are customisable to your organisations requirements, desired outcome and network. If you have an area of concern, high risk or sensitive systems, or want to focus on a particular threat, we will work with you to scope the assessment based on your requirements.
Documented outcomes
At the end of the compromise assessment we will provide you with documented outcomes including an executive summary for senior leadership and a technical summary with any significant findings and the response action recommended and undertaken.
What happens if there is evidence of a breach?
In the event that our team finds evidence of serious compromise we will notify you immediately, and you will be provided a final report with detailed information about compromised hosts and systems (or the whole network), evidence of data exfiltration or other actor activity and an understanding of the tools, tactics & procedures (TTPs) malicious actors may be or have used to bypass your security controls – enhancing your resilience by giving you an opportunity to improve your posture, remediate and close the gaps – or pivot immediately into breach response activities.
Why partner with CyberCX for Compromise Assessments?
Investigation capability you can rely on
- CyberCX is the leading provider of professional cyber security and cloud services in New Zealand and can deliver these engagements as a sovereign New Zealand capability.
- Ten-year legacy as the regions leading independent DFIR practitioners, trusted with some of New Zealand and Australia’s biggest ever breach investigations.
- Incident response for New Zealand’s largest enterprises and government agencies.
- 2000+ digital forensic investigations and cyber incident responses completed for clients globally.
- SANS certified investigators.
Ready to get started?
Determine if your organisation has suffered a breach with a Compromise Assessment from the largest and most experienced DFIR team in the region