Detect compromised systems before high damage occurs through Compromise Assessment and increase your cyber resilience through Continuous Compromise Assessment.
An attacker is not at the final destination after compromising an IT system. He will try to compromise more systems and user accounts. The longer he remains undetected, the closer he gets to your critical systems and data, and the higher the damage to your company!
SECUINFRA ́s Compromise Assessment uses forensic methods and tools to specifically search for traces of cyber attacks and reliably detect compromised IT systems.
Without SECUINFRA
Compromise Assessment
Without the regular use of forensic methods and tools to audit IT systems, studies of known cyberattacks show it takes several months before a compromise is detected.
If a compromise remains undetected, it is only a matter of time before an attacker gains access to your most critical systems and data, causing high damage.
With SECUINFRA
Compromise Assessment
By regularly using forensic methods and tools to audit your IT systems, the time to detect a compromise is reduced to a matter of days.
By quickly detecting a compromise, countermeasures can be initiated early and an attacker can be kept away from critical systems and data. A high level of damage can be prevented.
While vulnerability management helps you identify and manage vulnerabilities, regular penetration tests and Red Team exercises show you whether these vulnerabilities can be exploited.
But isn’t it much more important to know if vulnerabilities have already been exploited or if systems in your company have already been compromised?
This is exactly where the SECUINFRA Compromise Assessment comes in. By continuously checking your systems for traces of attacks, you can be sure that your systems are “clean” at all times, and you will be informed immediately if compromised systems are detected.
Continuous Compromise Assessment is an excellent addition to your security measures and increases your cyber resilience.
Vulnerability
Management
Management of vulnerabilities in your infrastructure.
Penetration
Testing
Shows if vulnerabilities can be exploited.
SECUINFRA
Compromise Assessment
Shows wether vulnerabilities have already been exploited.
We help you identify compromised systems quickly and efficiently. With our Compromise Assessment, we have already been able to save numerous companies from high damages.
Marius Gensheimer, Cyber Defense Expert
Marius Gensheimer, Cyber Defense Expert
SECUINFRA Compromise Assessment uses forensic methods and tools to specifically search for traces of cyber attacks and reliably detect compromised IT systems. By quickly detecting a compromise, countermeasures can be initiated at an early stage and an attacker can be kept away from critical systems and data. High damage is thus prevented.
A Compromise Assessment basically consists of the four phases Rollout, Scan, Analysis and Report. A more detailed description of our approach can be found below on this page.
SECUINFRA’s Compromise Assessment Service can be used both preventively, without a known threat situation, and in the course of a previous security incident. The latter scenario includes, for example, situations in which an initial cyber attack on your corporate network has been confirmed, but further information about the course of the attack and thus the basis for targeted, forensic investigations are not yet available. Our Compromise Assessment illuminates the further spread of the attack in record time and avoids high damages.
Our service integrates perfectly with anti-virus/endpoint detection and response (EDR) solutions in parallel, as detection rules for attacker behavior and current vulnerabilities are applied in addition to signatures and malware behavior. Accurate analysis results are achieved by incorporating up-to-date threat intelligence data that is customized to the incident at hand. Even in restrictive environments, such as production environments (OT) with legacy systems, we achieve insights with our Compromise Assessment service that comparable solutions cannot match.
Our service is based on the products of our long-term partner Nextron Systems GmbH. In addition, independently developed analysis tools and the extensive know-how of our cyber defense experts ensure the successful deployment of our Compromise Assessment Service in your company.
A Compromise Assessment can be performed once as an ad-hoc Compromise Assessment after a detected cyber attack. Here, our cyber defense experts quickly and efficiently assess the scope of the attack and reliably identify compromised IT systems. This is the basis for initiating further incident response measures. A Compromise Assessment can also be carried out regularly as a Continuous Compromise Assessment. Here, our cyber defense experts regularly examine your IT systems to identify compromised systems at an early stage. This allows countermeasures to be initiated before high damage is caused.
In both use cases, a Compromise Assessment includes the following 4 phases:
In the rollout phase, we work with you to gain an overview of how many systems are under consideration and which software configurations are used in your company. Then the management environment is installed and configured, and the agent software for the service is rolled out to the infrastructure (client and server systems).
The course of the scan phase depends on the selected service package:
The first scan, both for Ad-hoc Compromise Assessments and Continuous Compromise Assessments, is always a baseline scan to get an overview of the current security and risk situation. If Continuous Compromise Assessment has been selected as the service package, follow-up scans are performed at selected intervals, which build on the baseline scan and only look at changes. Continuous Compromise Assessment in particular makes the analysis more efficient with each subsequent follow-up, and potential attacks can be detected much more quickly.
In the analysis phase, our cyber defense experts examine the scan results and identify compromised IT systems. The events are described, classified into criticality classes and provided with clear recommendations for action. In the case of particularly critical results, you are informed immediately.
After each scan, you receive a detailed report on all security-related results, detailed descriptions, assessments and clear recommendations for action. The report is presented to you in a video conference.
If you have been the victim of a cyber attack, our cyber defense experts also provide support in the areas of digital forensics and incident response (DFIR) for a detailed investigation of what happened and to restore your IT operations as quickly as possible.
Furthermore, we support you in implementing recommendations for action to improve your cyber resilience.
Our cyber defense experts are also available to assist you with further forensic investigations, restoring your IT infrastructure, and improving your cyber resilience.
