To uncover vulnerabilities that will allow an attacker to escalate their privileges in the network from an “assume breach” perspective. By uncovering potential vulnerabilities before a hacker manages to penetrate the network, the potential losses of a breach can be kept to a minimum.
Most intrusions follow the same pattern: First a user’s laptop is compromised. The attackers then escalate their privileges in the network until they have sufficient privileges to accomplish their goal, whether it is to encrypt the data with ransomware or steal classified information.
Our Security Assessment simulates the attacker’s behavior after an initial foothold is acquired. The intent is to build attack chains leading from a standard user to full domain compromise.
The assessment comprises the following phases:
A laptop configured for a standard user is delivered to Danish Cyber Defence. If possible, most data collection and analysis are performed via the VPN configured on the laptop. Alternatively, a few days can be needed on-site during the AD analysis phase.
That a Security Assessment is performed once or twice a year, as enterprise networks evolve at a rapid pace, thereby potentially introducing vulnerabilities at any time.