COMPROMISE ASSESSMENT - TECHNICAL EXPLANATION

Tailored assessments designed around you

How does the compromise assessment work?

All our Compromise Assessments are designed around the company that we assess and typically run over a four week period. Before the Assessment begins, CORVID analysts will discuss the nature of the infrastructure, likely risks and ask about incident history. This will enable the right Assessment to be designed for your organisation.

The Assessment will capture computer “meta-data”, which describes the software installed on the PCs and Servers, as well as some networking information that is used to identify rogue processes. During the Assessment weekly calls will be held to advise you of your progress and to keep you informed of any routine findings.

If something is identified that looks malicious and active, a CORVID analyst will be in-touch immediately, advising you of your options to enable incident-confirmation and then remediation.

What impact will the compromise assessment have?

A CORVID Compromise Assessment is a pro-active service where the CORVID analysts are actually hunting for tiny tell-tale signs that indicate a security breach is in operation. However, because of the software and hardware that CORVID uses to conduct these Assessments, it is very unlikely that any of your users will be aware that the Assessment is taking place. The service has been designed to be frictionless to the IT operations of an organisation and the software agent operates in low-priority, ensuring that user activity is not interrupted. If a CORVID network sensor is used as part of the Assessment, this operates in a non-intrusive mode so that it cannot impact the software, and is designed to fail-safe so that in the unlikely event of a hardware fault there would be no impact on the network operations.

The findings of a Compromise Assessment are 100% confidential. All customers are allocated a unique identifier which is then used as the only identifier in any CORVID records.

What does the compromise assessment identify?

A CORVID Compromise Assessment can identify:

  • Unknown malware (Droppers, Trojans, Worms, RATs, etc.)
  • File-less compromise
  • Persistent back-doors
  • Beaconing processes
  • Unwanted programs

At the end of the Assessment your security analyst will talk you through a detailed report, highlighting areas that were investigated and explaining the results to give you confidence and reassurance that your IT system is not exhibiting any unknown or strange behaviours.

Book a compromise assessment today

Call us today on +44 1242 278 787 or contact us below to find out more.