To identify whether other agents than the intended organisational entities might have gained unauthorized access to the network. This entails verifying that no systems in the IT infrastructure have been compromised.
Our experienced analysts will utilize whatever security solutions you have implemented as an investigative starting point, which also will serve as a valuable evaluation of their effectiveness in regard to detecting a potential compromise.
In order to detect potential compromised systems, we will generate and collect data from multiple relevant sources across the systems and networks. This will, together with our scrutiny of existing security solutions, provide us with several analytical indications for further evaluation.
Should a compromised system have been unveiled, we have a wide range of methods to combat the imminent issue, whether delivering incident response for a targeted attack or performing single systems forensics for non-targeted opportunistic compromises.
To bolster the future capabilities of detecting and responding to potential compromises, we recommend setting up custom logging and data collection based on our findings and extensive experience in the field.
Accessible resources to Active Directory on the Domain Administrator level.
That compromise assessments are done at least biannually and/or before obtaining and merging new infrastructure into the organisation.