To help organizations improve their defenses beyond the simple “check the box” approach, or
traditional penetration testing “wash, rinse, repeat” cycle, Silent Break Security uses a
methodology customized to where an organization is at in their security maturity. To provide the
most value, it is necessary to test different aspects of a security program for organizations
capable in their detections and defenses compared to organizations newer to the path to
security. Silent Break Security is a sophisticated adversary that can adapt and assist both
organizations in their quest to improve.
In this assessment, the Assumed Breach Penetration Test begins from the perspective of an internal workstation, and bypasses the initial assumption of an attacker being able to obtain internal network access (typically through social engineering). The initial workstation access point can be a virtual machine configured exactly the same as an end-user workstation (ideally configured after a department likely to be targeted/exploited in a social engineering attack), or a real end-user workstation being used every day by an employee. These scenarios provide a realistic simulation of an endpoint becoming compromised. Leveraging custom tools and techniques, the Silent Break team attempts to stealthily and covertly escalate privileges from the initial workstation.
As the Silent Break team performs the assessment, the organization’s internal security team can work in tandem to monitor pivoting techniques, identify malicious callbacks, detect privilege escalation, and overall refine the incident response process. The realism and sophistication of the Assumed Breach Penetration Test will both identify weaknesses in the environment from the perspective of a sophisticated adversary, and help the internal security team improve preventions, detections, and the incident response process.