ASSESSMENT & TESTING
Ransomware Recovery
Playing the role of a determined hacker, Breadcrumb will expose your organization to real-world attack scenarios.
------ SERVICE OVERVIEW
A Penetration Test provides your organization with a unique birds-eye view of the effectiveness of your security posture. Newer companies may not yet have a handle on their network security. Conversely, more mature companies often have large, multi-faceted networks with easily overlooked elements—particularly as more organizations move to cloud-based systems. Both of these scenarios leave the potential for catastrophic breaches.
During Penetration Testing, Breadcrumb engineers will carefully and systematically play the role of a determined hacker. Simulating sophisticated and real-world attacks, actual hacking tools and industry-leading frameworks will be leveraged to identify and exploit configuration deficiencies.
"Ransomware damage costs will rise to $11.5 billion in 2019 and a business will fall victim to a ransomware attack every 14 seconds at that time." - Cybersecurity Ventures
Assessment Options
Active Directory Assessment
Internal Penetration Testing
Website Security Testing
External Penetration Testing
Web Application Testing
Mobile Application Testing
Cloud Security Assessments
Office 365 Security Assessment
Social Engineering
Wireless Assessments
ASSESSMENT CATEGORIES
Active Directory Assessment
Website Security Testing
External Penetration Testing
Internal Penetration Testing
Web Application Testing
Mobile Application Testing
Office 365 Security Assessment
Cloud Security Assessments
Social Engineering
Wireless Assessments
THE PROCESS
1.
Network Scope
Effective communication with your organization is emphasized to create an operating environment that is comfortable for both parties. Variables such as IT assets, IP scopes, engagement timelines, and rules of engagement will be discussed.
2.
Information Gathering
Employing numerous reconnaissance strategies, Breadcrumb engineers will collect as much information as possible on the Customers organization. The harvested information will allow Breadcrumb engineers to assess potential risk, exploitability likelihood, and ultimately guide the decision on the chosen attack vector.
3.
Enumeration and Scanning
4.
Attack & Penetration
After careful and intentional preparation, the engagement focus turns to the exploitation of isolated vulnerabilities. Breadcrumb engineers with otherwise attempt to prove the existence of conceptual attack vectors, while preserving the integrity of the network.
REPORTING DELIVERABLES
- Engagement Overview
- Executive Summary
This section is intended for executive personnel, and in plain terms, outlines the overall risk for the organization. It will detail: 1) Summary of Strengths, 2) Summary of Weaknesses, and 3) Strategic Recommendations.
- Recommendations / Quick Wins
- Summary of Findings
- Penetration Testing Results
- Attachments