Remote Compromise Assessment - Everything You Need to Know

Remote Compromise Assessment – What is it?

Remote Compromise Assessment is a derivative of the term Compromise Assessment. Compromise Assessment is essentially a deep technical review of your network to identify any previously undetected vulnerabilities, ranging from suspicious user activity, vulnerable cyber-policies, use of potentially dangerous software, examples of Brute Force Attack or evidence of a previous breach.

Historically this type of Assessment would be delivered by the consultancy divisions of companies like EY, PWC or Fireye (Mandiant) which would involve sending a team of 4 to 5 cyber consultants on-site for a month to manually gather the data they need, they then return to HQ where they spend another 4 weeks analysing the data and writing up a final report. Because of the high number of billable hours this service is expensive ($100k+) and only affordable by Enterprise clients.

GuardYoo aims to change this by offering the same service fully automated, remotely and for a fraction of the price. Hence the term, Remote Compromise Assessment. GuardYoo’s Remote Compromise Assessment provides companies with a secure, reliable and affordable Compromise Assessment including Forensic Analysis, within 1week.

What are the benefits of Remote Compromise Assessment?

So now that you know what Remote Compromise Assessment is, you are probably wondering what some of the benefits are. Below we’ll list 3 massive benefits of Remote Compromise Assessment.

  1. Free’s up valuable Resources: As mentioned previously, traditionally a Compromise Assessment is carried out on the client’s site and can take anywhere up to 12 weeks to complete. GuardYoo remote Compromise Assessment automates the entire procedure meaning no resources must be deployed on-site. This free’s up both time and resources for the partner in question.
  2. Reduced Costs: Traditionally, as the assessments are conducted on-site the client is charged on an hourly basis. This means the assessments can turn out to be very expensive with a price of more than £100K not being uncommon. GuardYoo can deliver a Remote Compromise Assessment within 1 week and is charged on a per device basis meaning we can reduce the price of a traditional assessment by up to 70%.
  3. Provides Behavioural Analysis: At GuardYoo we truly believe the first step in a well thought out cyber strategy is to gain a full understanding of the activity which is occurring on your network. This is exactly what GuardYoo does, we provide a detailed map of all activities taking place on your network including any evidence of potentially dangerous software, suspicious user account behaviour and vulnerable cyber policies. Only when you fully understand the range of threats that pose a risk to your network can you make informed decisions on where to focus your existing cyber solutions.

Why Remote Compromise Assessment?

The world is grappling with a shortage of skilled cybersecurity professionals.

In Europe, alone the skills gap in 2019 was 291,000 up from 142,000 in 2018. Globally the skills gap is higher, 4.07million in 2019 up from 2.93m in 2018.

Considering the cyber threat landscape today, the future of cybersecurity will have to involve leveraging technology to regularly interrogate the IT environment and use AI with context to baseline an organisations network activity, user behaviour, processes and connections because these indicators will reveal any deviations from the norm that are putting a company at risk.

Organisations will benefit from having a framework for identifying and forensically investigating suspicious or malicious network events. Remote Compromise Assessment can deliver a framework that acts as a guide to enable companies to collect and analyse evidence effectively so they can better understand their vulnerabilities (Why Remote Compromise Assessment is a Service You Need in Your Toolkit).

Remote Compromise Assessment – Step 1 in a logical Cyber Strategy

Only when companies fully understand their network, the risks that threaten it, and how these risks are addressed within their cyber strategy, can they determine where to direct the processing power of their cyber-defences to focus on limiting the impact of a successful attack.

Compromise Assessment can help companies fully understand how their network is operating and which areas within it are most vulnerable. Once cybersecurity teams have this information, they can deploy their resources to achieve maximum benefit.

The ideal cybersecurity Plan/Roadmap is:

  • Achieve a full understanding of your infrastructure - Compromise Assessment including Digital Forensics.
    A remote Compromise Assessment will give you a clear understanding of any bottlenecks (i.e. locked out accounts), Segregation of Duty issues (i.e. Network Administrators not adhering to best practice) or any existing breaches that were previously undetected.

  • Upload all Compromise Assessment findings to SIEM

  • Test all devices using Vulnerability Assessment scanners (Qualys or other)

  • Pentest

Check out our blog “Remote Compromise Assessment: Step 1 of a Logical Cyber Strategy”, where we use a simple analogy to explain where Compromise Assessment fits into an overall cyber strategy with relation to existing cyber solutions.