Security Validation

Compromise
Assessment

Verify whether your organization is already compromised by cybercriminals — ongoing or undetected — and know exactly what to do.

Talk to a specialist

What if the attackers are already inside?

The constant headlines about major security incidents causing millions in losses and nearly irreversibly damaging company images and reputations represent only a small fraction of what happens daily. The vast majority of incidents remain undetected for months — or even years.

Knowing what is happening to your organization today, understanding whether malicious artifacts or activities are present, is essential not only to prevent imminent losses but also to understand how they can be avoided in the future. It is also possible to identify whether something has already occurred and went undetected by existing controls.

The Compromise Assessment service was developed to address this growing and recurring market demand, using leading methodology and technology — forensically investigating the environment to identify evidence of active or past compromise.

Benefits

Knowledge of ongoing or already-executed malicious actions
Early identification of undetected compromises
Understanding of real risks facing the environment
Quality information for immediate decision-making
Demonstration of due diligence to shareholders and regulators
Independent assessment of implemented processes and controls

Who is it for

All organizations — regardless of size or sector. The Compromise Assessment is especially recommended after mergers and acquisitions, vendor changes, or any event that expands the attack surface.

Investigation Scope

Four layers investigated
in depth.

The service analyzes each layer of the environment in search of evidence of malicious activity, using forensic methodology and industry-leading technology.

Endpoint

Real-time analysis of machines running Windows, macOS, or Linux to detect active malicious activities, including malware, ransomware, backdoors, and installed attack tools.

Network

Passive sensors installed to detect unauthorized communications with command and control (C2) servers, malware traffic, data exfiltration, and other network anomalies.

Email

Passive sensors installed to analyze inbound and outbound email flow, identifying phishing campaigns, email-distributed malware, and suspicious communications with attackers.

Log

Various techniques and technologies are used to analyze logs from applications, endpoints, security assets, and other systems, correlating events to identify past or ongoing malicious activities.

What you receive

Service deliverables.

Diagnostic Report

Detailed document on ongoing or previously executed malicious activities, with all evidence found in each investigated layer.

Action Plan

Recommendations to improve the security level and eliminate the identified compromise, based on the diagnosis presented.

Engagement Models

On Demand Managed Services Umbrella Retainer

Do you know what is happening
in your environment right now?

Don't wait for an incident to make headlines. Contact us and verify whether your environment is already compromised.

Request assessment

CompromiseAssessment