As part of the unique methodology in helping organizations mature in their cybersecurity defensive capabilities, Silent Break Security offers a collaborative assessment. Collaborative assessments shorten the feedback loop between red and blue teams and improve organization security much faster than the typical security testing approach. The Collaborative Penetration Test also provides a cooperative environment to test, retest, and compare current implementations to best-practice guidelines in real-time. This approach also allows for targeted testing focusing specifically on gaps identified in previous assessments and assists IT personnel in identifying attacks, improving monitoring, hardening devices, and overall information security training.
Silent Break Security professionals work directly with the IT security team to actively test potential areas of improvement within the environment.
Another critical piece of information security is appropriate intrusion detection system monitoring and alerting. This is the most common area where organizations are lacking in their defensive capabilities against attackers. Contrary to vendor belief and promotion, IDS systems come preconfigured to catch only the most obvious attacks.
Mitre Attack Framwork
MITRE’s Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) is a knowledge base for cyber adversary behavior. It includes a vast repository of known attacker tactics, techniques, and procedures ranging from low to high sophistication. Silent Break Security applies the ATT&CK framework in collaborative assessments to help organizations establish a baseline in their security maturity.
The Collaborative Penetration Test is conducted onsite with the organization’s security team. The assessment is scoped with two Silent Break Security professionals. To facilitate collaboration, a conference room is preferred. The test VMs and domain accounts will be used throughout the assessment to simulate the compromise of an employee’s account and workstation.
Network Perimeter Hardening
Perimeter network security plays a critical role in ensuring attackers are unable to exfiltrate and/or control malware from outside an organization’s network. Because of the critical role, Silent Break Security recommends a granular testing approach in hardening the perimeter, primarily the proxy.
End User Workstations
Understanding the attacks facing end users is one of Silent Break Security’s competitive advantages and the solution is not purchasing more tools or implementing more training. Leveraging existing tools within the target environment, Silent Break Security analyzes potential threats for privilege escalation, attacker pivoting, and workstation vulnerabilities.
Internal Network Security
Typically organizations focus their time, resources, and budget on upgrading and hardening their external network footprint. In years past this approach may have been sufficient. However, current attacks are targeting internal network access. Silent Break Security recommends a closer analysis of the current state of the internal network.