MicroSolved has been offering Persistent Penetration Testing (PPT) to select clients now for a couple of years. We have been testing and refining our processes to make sure we had a scalable, value driven, process to offer our full client base. We have decided to open the PPT program up to another round of clients, effective immediately. We will be open to adding three additional clients to the PPT group. In order to qualify, your organization must have an appetite for these services and meet the criteria below:
The services:
- MSI will actively emulate a focused team of attackers for either a 6 or 12 month period, depending on complexity, pricing and goals
- During that time, MSI will actively and passively target your organization seeking to reach a desired and negotiated set of goals (usually fraud or theft of IP related data, deeper than traditional pen testing)
- Full spectrum attacks will be expressed against your organization’s defenses in red team mode, across the time window
- Once an initial compromise occurs and the appropriate data has been identified and targeted, we will switch to table top exercises with the appropriate team members to discuss exploitation and exfiltration, prior to action
- If, and only if, your organization approves and desires, then exploitation and exfiltration will occur (note that this can be pivoted from real world systems to test/QA environments at this point)
- Reporting and socialization of the findings occurs, along with mitigation strategies, awareness training and executive level briefings
- The process then repeats, as desired, through the terms and sets of goals
The criteria for qualification; Your organization must:
- Have full executive support for the initiative, all the way to the C-level and/or Board of Directors
- Have a mature detection and egress process in place (otherwise, the test will simply identify the needs for these components)
- Have the will to emulate real world threat activity without applying compliance-based thinking and other unnatural restraints to the process
- Have a capable security team for MSI to work with that has the capability to interface with the targeted lines of business in a rapid, rational and safe manner
- If desired, have the capability to construct testing/QA platforms and networks to model real world deployments in a rapid and accurate fashion (requires rapid VM capability)
- Be open to engaging in an exercise with an emulated aggressive adversary to establish real world risk and threat profiles
- Be located in the US (sorry, we are not currently accepting non-US organizations for this service at this point)
If your organization meets these requirements and you are interested in discussing PPT services, please drop me a line (Twitter: @lbhuston), or via email at Info at microsolved dot com. You can also reach me via phone at (614) 351-1237 x 201.