Threat Hunting & Discovery Analysis

Proactive discovery analysis and hunting ensure early identification of potential threats, which can mean the difference between an incident and a breach.

Threat Discovery Services

Our threat discovery engagements focus on the identification of anomalous and suspicious behaviors to determine if there are any ongoing threats present within your environment. These include targeted threat actor activities that are potentially unnoticed or unidentified.

We leverage existing data sources and toolsets within your infrastructure, supplemented with additional solutions that can be deployed to ensure the full visibility needed for the identification of any potential threats.

Customer Discovery Needs

Our threat discovery services fulfill a wide variety of requirements, including:

M&A Activities

Perform due diligence and ensure the environmental health of recent acquisitions prior to integration with your existing infrastructure or organization.

Penetration Testing

Supplement penetration testing engagements to tell you how a threat actor could get into your environment, and whether they already have.

Internal/External Analyst Support

Enhance the capabilities of your internal team or external service providers to include periodic sessions specific to the identification of advanced threat and targeted attack activity.

Third-Party Validation

Confirm and assess the capabilities of your current analysis resources or visibility being provided by current solutions.

Investigation of Suspicious Activities

Validate preliminary findings or reports of suspicious activity, or assuage concerns about a current incident or breach.

Post-Incident Confirmation

Ensure that remediation efforts associated with previous incidents have been effective and there is no subsequent adversary access.

Sustained Hunting Expertise

Weekly hunting sessions to fulfill internal requirements for proactive threat hunting capabilities.

The frequency of our engagements ranges from a one-time initiative to weekly sustainment services, all aligned to your specific needs.

Visibility & Methodology

During our threat discovery engagements, we leverage your existing toolsets and data sources in conjunction with supplemental solutions that can be deployed as part of the engagement to achieve the necessary environmental visibility.

Full visibility across network, endpoint, logs and other data sources allows our team to obtain current and historical situational awareness that ensures a holistic view of any potential threats acting within your environment. 

Typical threat discovery activities include the following components to ensure the required environmental awareness:

  • Network traffic analysis
  • Host analysis and mass triage of forensic artifacts
  • Log collection and review
  • Malware analysis and reverse engineering
  • Integration of threat intelligence

Engagement Findings

Results of your threat discovery engagement can range from insecure controls and identification of vulnerabilities to the extended presence of advanced threat actors working within the environment.

Regardless of the findings, our incident response experts work closely with your team throughout the engagement to communicate findings and provide tactical and long-term strategic recommendations that will increase your overall security posture. 

Certifications

Put an ELITE Highly-Trained Team on Your Side

More than 70% of our workforce consists of tenured cybersecurity engineers, architects and consultants.