Compromise Assessment

Identify if you are being, or have been, attacked with a tailored CORVID Compromise Assessment. Gain confidence as a one-off service or part of your annual security audit.

A CORVID Compromise Assessment will help you understand your estate, identify potential risks and compromises, and strengthen your security. It will also make you better equipped to protect your data, ensuring you meet the latest legal and regulatory obligations.

Using up-to-the-minute threat intelligence, alongside our in-house technology, each bespoke assessment is tailored to reflect your level of concern.

In the event an active breach is found, CORVID’s experienced cyber analysts will provide all the details and support needed for full system recovery, with no disruption to users.

Compromise-assessment_identify-compromise

Identify compromise

consultancy-shield

Demonstrate compliance

Compromise-assessment_weak-link

Ensure no weak links

Compromise-assessment_remediate-breach

Remediate active breaches

How it works

Typically run over a four week period, your bespoke compromise assessment will take into consideration the nature of your infrastructure, likely risks, and any incident history.

CORVID-Compromise-Assessment-diagram

New call-to-action

During the detection phase of the compromise assessment, CORVID’s analysts will arrange weekly updates to let you know about any routine findings. If we identify something actively malicious, we’ll contact you immediately to advise you of your options, to isolate the incident and enable swift remediation.

A Compromise Assessment identifies:

  • Unknown malware (droppers, trojans, worms, RATs, etc.)

  • Fileless compromise

  • Persistent back doors, which allow attackers to maintain a foothold in your network

  • Potentially unwanted programs (PUPs), which can increase your attack surface

  • Shadow software, which is installed without approval and not covered by company security protocols
  • Malicious executables (through process and file analysis)

  • Hijacked processes and malware using advanced masquerading techniques

  • Lateral movement, which allows attacks to spread across your systems

  • Beacons which signal infection

  • Access to known dangerous sites

Download CORVID Compromise Assessment Redacted Report

Once your compromise assessment is complete, our analysts collate the results into a comprehensive, business-focused report, with coherent details of analysis areas, findings, and any remediation advice. This gives you a platform to articulate the effectiveness of your cyber security to stakeholders and the wider business, and highlight any areas for improvement. It also allows you to demonstrate the effectiveness of your security measures to your customers and supply chain.

The findings of your compromise assessment are 100% confidential – you will be allocated a unique identifier which is used as the only reference for your CORVID records.

Compromise Assessment vs. Threat Hunting

Threat hunting involves actively seeking out cyber threats that have already breached the infrastructure. Threat hunters create hypotheses from data on new threats, combining this with insights into adversary tactics. They use threat intelligence to reveal potential and ongoing attacker activities, applying advanced analytics to detect suspicious behaviours amid the vast data collected by security systems. This is an ongoing process and one which our MDR service does exceptionally well. 

In contrast, a compromise assessment is typically performed periodically, often quarterly or monthly, for point-in-time analysis and sometimes to meet regulatory requirements. The scope of a compromise assessment is broader than that of a threat hunt—it examines not only indicators of compromise and attack but also investigates their causes, outlines necessary next steps, and suggests actions to enhance the organisation's overall security posture.

Benefits of a CORVID Compromise Assessment

  • Identify adversaries right away, receive a clear profile of who they are, and how they got in and deploy rapid incident response.
  • Gain assurance prior to an acquisition or merger that their systems are secure and free from compromise before integrating with your own.
  • Receive a clear, detailed report on your cyber health to demonstrate compliance and provide customers and suppliers reassurance
  • No disruption to user activity or daily operations as your compromise assessment is produced quietly in the background.

Considering an acquisition or merger?

No matter how secure your systems are, linking with a poorly protected system gives attackers an easy route into your IT estate. Minimise the risks unknown systems pose to your IT estate by commissioning a one-off CORVID Compromise Assessment for the system you’re linking with. This gives you peace of mind that any existing vulnerabilities are identified and fixed before they can cause damage to your estate.

Frequently Asked Questions & Answers

What is a CORVID Compromise Assessment?
A CORVID Compromise Assessment is a service that analyses your entire IT estate for active malware to determine if you are, or have been, a victim of a cyber attack. It provides a comprehensive understanding of your IT estate, identifies potential risks and compromises, and helps strengthen your security measures.
What is included in a CORVID Compromise Assessment?
The assessment includes up-to-the-minute threat intelligence and in-house technology that offers a bespoke analysis tailored to reflect your level of concern. If an active breach is found, our experienced analysts provide full details and support for system recovery. The assessment takes into consideration your infrastructure, risks, and incident history and provides weekly updates on findings.
Why should we choose CORVID's Compromise Assessment service?
With CORVID, you will gain confidence in your security measures. Our assessment will help you meet the latest legal and regulatory obligations, protect your data, and avoid any disruption to users. We provide a detailed, business-focused report with findings and remediation advice, ensuring 100% confidentiality.
How long does a Compromise Assessment take?
Typically, a compromise assessment lasts four weeks. The timescale considers the nature of your infrastructure, likely risks, and incident history.
Can the Compromise Assessment handle unidentified malware and other advanced threats?
Yes, our compromise assessment is designed to detect and address a wide range of threats, from unknown malware to persistent backdoors and shadow software which is not covered by company security protocols.
What happens when the assessment is complete?
Once the compromise assessment is complete, CORVID analysts collate the results into a comprehensive report with detailed analysis areas, findings, and remediation advice. This report can be used to demonstrate the effectiveness of your security measures to your customers, suppliers, and stakeholders.