What is a Compromise Assessment?
The Cyber landscape is constantly changing and such is this pace of change, now more than ever, organisations need to adopt an “assumption of breach” mentality to intensify their efforts in maintaining the effectiveness of their cyber defences.
Despite every effort being made to protect critical infrastructure, companies are never sure whether there are breaches that have gone undetected. Nor are they completely aware if new vulnerabilities are being created because of unwitting human behaviour.
GuardYoo’s Compromise Assessment platform delivers an independent audit of an organisation’s network to identify; Indicators of Compromise (IOC’s), Suspicious User Behaviour, Weak Password Strength Policies and any Unauthorised Software whilst also delivering a Full Asset Discovery.
GuardYoo Assessment Methodology
ThreatSCALE is an abstract model, used to describe the different stages of a cyber-attack. This model has been developed by GuardYoo cyber analysts and is based on our many years of experience gained whilst investigating and studying sophisticated attacks across various organisations and industries.
The ThreatSCALE model’s primary goal is to:
- Reconstruct a chronological event timeline of a cyber-attack
- Determine the current stage of the cyber-attack
- Determine the depth and level of penetration within the infrastructure
- Determine security risks based on the current stage of the cyber-attack
The ThreatSCALE model is broken down into three phases:
5. Cyber Mimicry
6. Sleeper Agent.
7. Mission accomplished
The GuardYoo Compromise Assessment platform can be used for a range of audits, including;
1.Verification of Existing Cyber Governance
Irrespective of existing investments in cyber solutions, no organisation can ensure they will not be, or have not been breached. A Compromise Assessment can identify vulnerabilities that have previously been missed and provide forensic analysis of how, when and why a perpetrator targeted a specific organisation.
2. Forensic Analysis
Legal issues arising from a network breach may involve court appearances and litigation. Compromise Assessments can assist companies when faced with legal arguments regarding insurance claims or loss of revenue due to data theft. By identifying the timeline and method used by criminal’s, companies can also ensure minimum reputational damage.
3. Supply Chain Management
Many organisations are now part of a larger supply chain where 3rd party suppliers or vendors have access to each other’s networks. It is vital that each organisation within the supply chain is not a risk to the other members. Having each member carry out regular Compromise Assessment will reduce the risk of breach to the wider network.
4. VC Investment / M&A’s
Whether making investments in early stage start-up’s or overseeing an acquisition, it’s critical that the intellectual property you are investing in has not already been stolen by criminals elsewhere. Before any investment is made, a Cyber Security Compromise Assessment can be carried out to identify any possible breaches to the critical infrastructure.
GuardYoo is a dedicated Cyber Security auditing company with many years of experience in dealing with sophisticated attacks. Our goal is to simplify how Compromise Assessments are delivered by automating the process, thus reducing the resources, time and costs involved
Our team of cyber analysts have experience working with Partners and end-users to mitigate all manner of cyber-attacks. It is this experience that has allowed us to develop our fully automated GuardYoo platform.
Should you wish to learn more about our solution, please feel free to make contact at; dsexton@GuardYoo.com