WHAT IS AN ASSUMED COMPROMISE?
An 'assumed compromise' assessment works on the assumption that a dedicated attacker targeting your organization will eventually get onto the network. Conducting this type of assessment, organizations skip the part of the red team test aimed at determining if an attacker can get access to the network and focus instead on assessing their detection and response capabilities and finding out what an attacker can achieve when they are inside the network.
SOME OF THE ELEMENTS TYPICALLY INCLUDED WITHIN AN ASSUMED COMPROMISE ENGAGEMENT AS INDICATORS OF COMPROMISE ARE:
- Command & control
- Network reconnaissance, enumeration and mapping
- Lateral movement
- Privilege escalation
- Data exfiltration
Context works with clients to design a series of attacker behaviors, aligned to the MITRE ATT&CK framework and drawing on our extensive experience and expertise in adversary simulation. These behaviors are mapped into testing scenarios to simulate the activities of attackers that have breached your organization. Context uses a blend of in-house developed tools and exploits as well as industry-standard toolkits to perform the assessment in a safe and controlled manner.
Upon completion of the attack scenarios, Context will work with your defensive team to determine what activity was detected, and where detection capability could be improved. Assumed compromise testing allows you to understand what potential damage an attacker could cause once they have breached your organization’s defensive controls. This allows your security team to focus their efforts on reducing the impact of a potential breach before it happens, and maximizes the efficiency of your security investment.
CONTEXT’S ASSUMED COMPROMISE TESTING ALLOWS US TO PROVIDE:
- In-depth assessment of your detection and response capabilities
- An understanding of what potential damage an attacker could cause once they have breached your organization’s defensive controls
- A focus on improving your ability to detect malicious activity on your network
Download our red teaming services flyer for more information: