A compromise assessment is a technical review of an organization’s security controls, conducted when a company wants to find out whether a security breach or malicious activity has occurred in its network.
The objective is to examine the client’s IT infrastructure (network infrastructure, systems and applications) with a focus on identifying signs of a potential compromise, presence of back-doors, and unauthorized access.
Condition Zebra’s Compromise Assessment Methodology
The goal of endpoint analysis is to identify any malicious activities and Indicators of Compromise (IoC) by analysing the operating system logs. In Windows, the commonly used log files are the Security, Application and System logs.
NETWORK LOGS AUDIT
Network audit logs must include the means for identifying, journaling, reporting, and assigning accountability for potential compromises or violations of network integrity. Network audit logs must be sufficient in detail to facilitate reconstruction of security-related events if a compromise or malfunction is suspected or has occurred.
Monitor traffic between the client network and the Internet and analyze it for indications of compromise and malicious lateral movement. Forensic methods are applied on the Ethernet layer by eavesdropping on bitstreams with monitoring tools, also called sniffers. The most common tools on this layer are Wireshark (formerly known as Ethereal) and tcpdump; tcpdump works mostly on Unix-like operating systems.
Compromise Assessment Needs
It starts with your objective. If your main goal is to eliminate unknown security breaches because you suspect a possible security breach in your system, then you’ll need a compromise assessment service.
Identify the presence of any security breaches.
Identify security weaknesses in the current system.