Am I compromised?
To properly protect your network, you must have a proactive approach to security. Organizations around the world now realize that sitting back and waiting for an alert to fire puts them in a precarious position. Proactively hunting for adversaries within your network is critical to staying ahead, but even before you start threat hunting, you need to assess your enterprise to see if you have been previously breached.
Build a custom plan that fits your needs
Not all networks are the same and looking for threats is a unique exercise for each team. CTIR partners with your organization to help you design custom hunting plans that define the scope of engagement, identify your current coverage and gaps in visibility, and deploy proprietary Cisco technologies. Our experts will analyze their findings and provide a final report with detailed results and prioritized recommendations that your team can implement. The CTIR team can also lead or assist in responding to any threats discovered during the compromise assessment.
What does this include?
Proactive identification of suspicious indicators
to help identify possible links to malicious activity and provide you with a stronger security posture and deeper understanding of your infrastructure.
Access to skilled incident responders
with years of experience dealing with numerous types of incidents, who will provide actionable intelligence.
Full access to Cisco’s complete tool suite during the incident
to provide greater visibility, speed and a broader understanding of all threats in the network.
Compromise assessment case studyFortune 500 retailer
- Client had growing concerns about their e-commerce sites ahead of and during the retail holiday season.
- While the client had an existing team, they did not want to pull focus from their day-to-day operations and engaged CTIR to proactively look for a compromise in the e-commerce environment.
- During a six-week engagement, CTIR worked alongside the customer to deploy the needed technologies, hunt for compromise, identify any persistence mechanisms and remove any threats.
- Cisco also monitored the environment for the remainder of the holiday season, once we determined there were no attackers on the system.
- Installed and deployed Cisco’s industry technologies that provided greater visibility and higher levels of confidence for protecting the environment.
- Located numerous types of commodity malware within the infrastructure that the client’s traditional AV solutions were not capturing.
Interested in this service?
Reach out to your account team or contact us below.