Network Compromise Assessment

Detecting a targeted attack can take anywhere from about six months to as long as five years, as witnessed in the past. A network compromise assessment helps an organization proactively evaluate its network environment for possible malware compromises, the presence of persistent threats and attacker activity. Depending on the number of network nodes, a compromise assessment requires capturing traffic for about 48 - 64 hours, after which a comprehensive analysis is performed to hunt for the bad.
Our network compromise assessment reduces the breach detection gap and helps identify malware-compromised network nodes, advanced persistent threats or possible attacker activity at an early stage.

Our Methodology

Traffic Capturing

We deploy traffic-capturing sensors in different network segments to record the network traffic and ingest it into our custom-developed big data analytics.

Logs Collection

We also collect logs from security devices such as content filtering, DLP, IPS and mail systems, and ingest them into our analytics to perform a comprehensive assessment.

Analysis

Recorded network transactions and events are then searched against both private and community IOCs, signatures and patterns to determine any existing compromise within the network.

Anomaly Detection

We run our proprietary big data analysis engine, built on top of classification and clustering machine learning algorithms, to detect suspicious activity.

Evidence Collection

We verify the red flags generated by the analysis to avoid any false positives. Proper evidence is collected to support the reported findings, along with the impact of the compromise.

Reporting

Our report includes the suspicious traffic, supporting evidence, impact analysis, recommendations, and missing technology and process controls at various levels.

Our Expertise

  • Years of experience in conducting cyber attack investigations and compromise assessments
  • Applying both private and community-based IOCs, signatures and patterns to discover the unknown
  • Deep expertise in network traffic and log analysis
  • Customized big data solution to ingest and analyze data at scale
  • In-house developed query engine, based on classification and clustering algorithms, to determine suspicious activities

Learn More

Contact us today to learn more about our specialized network compromise assessment services