Adversarial Attack Simulations consist of conducting precision attacks against an organization in order to test the effectiveness and responsiveness of different parts of a security program.
Unlike traditional testing, an Adversarial Attack Simulation takes an integrated approach to assess your information security defenses by combining multiple testing strategies into a comprehensive offensive engagement, with the sole objective of gaining access to customer assets.
Adversarial Attack Simulation can include:
- Specialized Malware
- Open Source Reconnaissance
- Social Engineering
- Targeted Web Application Attacks
- Physical Security Attacks
- Wireless Attacks
With TrustedSec, you can:
- Improve your team’s organizational readiness
- Inspect current performance levels
- Improve training for defenders
- Increase end-user information security awareness
- Evaluate the effectiveness of your IT security defenses and controls
- Gain objective insights into vulnerabilities that may exist across your environment
Detection – The ability to detect an attack through multiple phases of a compromise. This is the foundation to any capabilities of reducing the damage inflicted during a breach. Detection systems include SIEMs, NAC rogue device detection, account change monitoring, suspicious command usage, user behavior analytics (UBA), etc. Where detection controls cannot be implemented, enhancements in deflection and deterrence controls are necessary.
Deflection – (Also referred to as protection) – The ability to build proactive measures that directly defend the network through protection. This would include Antivirus, Intrusion Detection/Prevent Systems, Network Access Controls, etc. Where protection controls cannot be implemented, enhancements to detection and deterrence controls are necessary.
Deterrence – The implementation of patch management procedures and enforcement of complex password policies. This also includes creating paths of least resistance to bait an attacker to use a specific system or set of credentials in order to detect their activity. This is often done with Honeypots, HoneyTokens, and HoneyCreds. Where deterrence controls cannot be implemented, enhancements in detection and deflection controls are necessary.