Security testing from an attacker perspective
Most organisations find it challenging to identify and address vulnerabilities as their IT environment continues to grow and evolve. These risks can be identified and mitigated through a combination of qualified scanning activities performed by experienced RedTeam testers that recon and act as a real-life attacker.
Cyber threats continue to evolve and cloud- and on-premise environments grow through the adoption of new and variable technologies. Continuous development and delivery results in frequent deployment of new applications, code and infrastructure, making a yearly penetration and application test obsolete in just a couple of weeks. This makes it challenging to keep up with attackers that continuously search for new attack surfaces.
As attackers tend to target the lowest hanging fruits, vulnerabilities that can easily be found and exploited, these need to be quickly identified and mitigated to protect critical assets and confidential information.
The Solution – Adopt the same approach as a real-life attacker
Usually, an attacker maps the organization’s IT environment using various scanning tools in order to find security vulnerabilities that can be exploited. As the organization’s attack surfaces are constantly shifting, security tests cannot be one-off activities. Instead, the tests need to be done continuously to match the way applications and infrastructure are managed and updated. Consequently, the best way to successfully identify and mitigate these vulnerabilities is to use the same approach as a real attacker.
Sentor offers the service RedSOC Recon and Attack, which is a combination of managed port and vulnerability scans and manual tests performed by experienced pentesters. All activities are performed remotely from Sentors RedSOC, which is the offensive part of Sentor’s SOC operations.
Sentor’s offer consist of three service levels; RedSOC Recon 1, RedSOC Recon 2 and RedSOC Attack. Each level can be delivered separately, but we recommend incorporating all to get the highest value of the service. The model is “inclusive” in the way that the higher service level incorporates the underlying service, so by buying RedSOC Attack, Recon 1 and Recon 2 will be included in the delivery.