Tevora's Compromise Assessment empowers you with the information you need to identify potential threats, plan proactively and avoid becoming victims of targeted attacks.
The number of organizations notifying the public of their breaches is growing. Often a breach occurs months or even years before it is noticed. Our Compromise Assessment proactively allows your organization the ability to identify suspicious activity. We will uncover the hidden threats within your organization and remove them before they cause further damage.
Our goal at Tevora is to provide you with a partner in incident response that can help your organization survive a cyber-attack. We will help clean your environment and share knowledge of the defenses and practices needed for future security.
Questions We Address:
- Have attackers previously compromised my environment?
- Is my environment currently the target of an attack?
- How can we reduce the risk of another attack?
- What is the extent and severity of the attack?
Through Tevora’s expert knowledge on infrastructure controls and Incident Response procedures, we will come on-site and hunt for evidence that a breach may have already occurred within the organizations infrastructure. Tevora’s Incident Response Team will find and remove these threats to provide a clean infrastructure that the organization can build their security upon.
Our four-step Compromise Assessment process:
- Create and review a detailed map of the network and enterprise attack surface
- Establish a configuration baseline for servers, workstations, and critical infrastructure components
- Review endpoint configuration and hardening standards plus asset classification standards
- Review logs for Indicators of Compromise (IOC) and Indicators of Attack (IOA)
- Understand the possible compromises that have occurred within the environment
3. Contain and Eradicate
- Breakdown and classify events to deploy response tools
- Contain compromised hosts and gather data samples
- Remediation based of best practices and needs of the client
- Full Recovery of hosts and full environment status check
4. Recommendations Report
We will provide you with a recommendations report with all the information you need to make critical business decisions. Report will:
- Detail identity of any compromised systems and provide an analysis of your network, endpoint and log data.
- Identify any attacker activity including a preliminary attack timeline and malware information.
- Summarize our findings with clear recommendations, giving you the knowledge you need to take next steps.