MicroSolved has been offering Persistent Penetration Testing (PPT) to select clients now for a couple of years. We have been testing and refining our processes to make sure we had a scalable, value driven, process to offer our full client base. We have decided to open the PPT program up to another round of clients, effective immediately. We will be open to adding three additional clients to the PPT group. In order to qualify, your organization must have an appetite for these services and meet the criteria below:
- MSI will actively emulate a focused team of attackers for either a 6 or 12 month period, depending on complexity, pricing and goals
- During that time, MSI will actively and passively target your organization seeking to reach a desired and negotiated set of goals (usually fraud or theft of IP related data, deeper than traditional pen testing)
- Full spectrum attacks will be expressed against your organization’s defenses in red team mode, across the time window
- Once an initial compromise occurs and the appropriate data has been identified and targeted, we will switch to table top exercises with the appropriate team members to discuss exploitation and exfiltration, prior to action
- If, and only if, your organization approves and desires, then exploitation and exfiltration will occur (note that this can be pivoted from real world systems to test/QA environments at this point)
- Reporting and socialization of the findings occurs, along with mitigation strategies, awareness training and executive level briefings
- The process then repeats, as desired, through the terms and sets of goals
The criteria for qualification; Your organization must:
- Have full executive support for the initiative, all the way to the C-level and/or Board of Directors
- Have a mature detection and egress process in place (otherwise, the test will simply identify the needs for these components)
- Have the will to emulate real world threat activity without applying compliance-based thinking and other unnatural restraints to the process
- Have a capable security team for MSI to work with that has the capability to interface with the targeted lines of business in a rapid, rational and safe manner
- If desired, have the capability to construct testing/QA platforms and networks to model real world deployments in a rapid and accurate fashion (requires rapid VM capability)
- Be open to engaging in an exercise with an emulated aggressive adversary to establish real world risk and threat profiles
- Be located in the US (sorry, we are not currently accepting non-US organizations for this service at this point)
If your organization meets these requirements and you are interested in discussing PPT services, please drop me a line (Twitter: @lbhuston), or via email at Info at microsolved dot com. You can also reach me via phone at (614) 351-1237 x 201.
One of the less common assessments that MicroSolved performs for our clients is a Network Device Review (NDR). These assessments are aimed at helping clients assess the current state of specific devices or system configurations and improving them.
Common devices assessed via this service include:
- Routers and switches
- IDS/IPS deployments and configurations
- Load balancers
- Workstation and server install and image baselines
- ICS & SCADA devices from back end to customer premise
This type of assessment is performed using a combination of automated tools and manual time with our security engineers. The methodology leveraged to perform the assessment is very similar to our other assessments, with the engineers doing detailed analysis of attack surfaces and evaluation of relevant controls. Reports follow a more technical path for these services, with a technically focused report set and a small management level summary, keeping the cost of these services significantly less expensive than our deeper pen-testing and fuzzing assessments.
Customers often use these services to perform spot validation or as a part of an overall hardening project to improve their security posture organically. To learn more about the NDR service, get in touch with your account executive or contact us via info (at) micro solved (dot) com for a free conversation about how the NDR can help your organization.
As always, thanks for reading and stay safe out there!