Penetration testing allows you to simulate a real-world attack scenario, it is looking at an attack from the offensive perspective. Our pen-test response service can provide a holistic view from the defensive perspective to provide you with real-world recommendations on how to deal with an attack.
The benefit of conducting forensics after a penetration test has taken place, is that many forensic artefacts will still be in place from the penetration test. This simulates a real-world attack scenario in which a forensic investigator would be requesting logs, and access to servers and/or endpoints to perform analysis. By performing Penetration Test Response, gaps for existing security controls can be discovered, thereby improving the level of readiness for when an attack does occur.
Assumptions are often made that forensic artefacts will be available when required, however we have discovered in every Incident Response service we’ve provided that there is always a significant gap in what evidence can be obtained due to these assumptions. Penetration Test Response will not only help train your team to know what to look for to detect future intrusions, it will also act as a security control gap assessment.
You might have a Blue Team (essentially IT Admins) who looks after SIEM and logs etc. However, they are not experts at looking for security incidents or anomalies. We can help your team by showing them what to look for, upskilling them so they can identify unusual activity and teach them Incident Response best practices so that they are better equipped to detect threats and malicious activity.
Our team are seasoned, experienced and business-minded security consultants with an average of 10 years experience across state and local government, health, finance, education, nonprofit organisations and more.