Listing Thumbnail

    Saepio Ransomware Defence Assessment

     Info
    The Ransomware Defence Assessment is a blended approach of both paper audit checks and hands-on manual testing, aiming to thoroughly assess the client's current administrative and technical controls, as well as the teams and processes in place to detect attacks, and the plans to restore business activities.
    Listing Thumbnail

    Saepio Ransomware Defence Assessment

     Info

    Overview

    This assessment is split into 3 key areas: Audit Checks, Infrastructure Testing & Attack Simulation.

    Audit Checks Robust and regularly tested procedures, policies, guidelines, and awareness training are critical components in the business-wide approach to ransomware defence. Therefore the ‘Audit Tests’ aim to ensure that the most appropriate policies and procedures are in place along with suitable technical controls to mitigate the risk of a ransomware attack. Typical tests would include confirming backup and recovery activities, automated patch management, malware controls, CIRP and DR plans, and distribution of awareness training.

    Infrastructure Testing The infrastructure includes a wide range of hosts and services, all with unique security configurations, and each providing a key technical control. The ‘Infrastructure Testing’ aims to provide assurance that your current configurations across your key hosts and services are effective and appropriate. Tests include confirming that mail filters block the most recently used malicious attachments, that data backups are appropriately secured, that compromised user accounts cannot easily access sensitive information, and that remote access solutions are configured with the most secure authentication controls.

    Attack Simulation The ‘Audit Checks’ and ‘Infrastructure Testing’ could be considered as part of the ‘Preparation Stage’ of incident response. However, the remaining steps from detection through to recovery should also be examined. The ‘Simulation Tests’ aim to examine the effectiveness of your defence systems, but also the responsiveness of the IT team. The tests simulate ransomware activity in a controlled and non-disruptive way, allowing all stages of incident response to be played out, identifying any opportunities for improvement.

    Concise Reporting The RDA report structure is divided into the three main categories, namely, ’Audit Checks, ‘Infrastructure Testing’, and ‘Attack Simulation’. Each test is then further divided into sections to explain the issue’s relevance in ransomware defence. It provides a view of the short-term and long-term administrative and/or technical steps that could be taken to mitigate risk. The report also overlays the severity of each issue based on probability and potential impact to your environment. Finally, the report includes as much evidence as possible to validate our findings. For example, proof of concept images, code output where appropriate, and any recommended external resources

    The Saepio RDA is carried out by trusted penetration testing partner Pentest People and subject to scope.

    For more information on this service please get in touch – tmorton@saepio.co.uk 

    Highlights

    • Ransomware audit check
    • Penetration testing
    • Ransomware attack simulation

    Details

    Categories

    Delivery method

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    For more information on this service please get in touch tmorton@saepio.co.uk  T: 01494 924 352| M: 07812 960 447

    Software associated with this service