INCIDENT SIMULATION
Nobody wants to learn that they were unprepared for an incident after they've had the misfortune of experiencing one. Our incident simulation service presents you with a realistic attack scenario, giving you a clear understanding of where the strengths and weaknesses are in your incident response preparations - but without the same risks that a genuine incident poses.
Our goal is to enable organisations to move beyond compliance-focused security and develop true defence-in-depth: we value effective controls that manage real risks, not just tick boxes. The simulations aim to help grow your technical staff, educate your end users, and enable you to refine your controls, policies, and processes.
Overview
Our simulations are intelligence-led engagements that adopt a hybrid red team/tabletop methodology to thoroughly test your incident preparedness. Testing is undertaken by a qualified specialist who accurately simulates an intrusion using the same tactics, techniques, and procedures (TTPs) used by adversaries in real-world intrusions. Campaigns are tailored to the profile of your organisation and can operate from either an assumed-breach or end-to-end perspective. This may include:
- Open-source intelligence (OSINT) gathering.
- Bespoke phishing kits and malware loaders.
- AV/EDR/NGFW evasion.
- Command-and-control deployment.
- Data exfiltration.
- Ransomware payloads.
Outcome
Knowledge of the engagements is kept within a limited sponsor group, who agree on the campaign scope and required outcomes. Typically, this may include:
- Identifying flaws in incident response documentation and process.
- Prioritising key technical, process and policy improvements.
- Educating technical staff on incident response process.
- Promoting end-user security awareness.
- Gaining insight into your vulnerability and attack surface.
- Evaluating the effectiveness of current defensive controls.