A Compromise Assessment is to find out if there are any unwanted guests living in your house.
Imagine you have an IT infrastructure as your house, and Compromise Assessment may help detect unwanted guests!
Having critical IT infrastructures in your business is like having a property full of jewelry. You would be paranoid and keep checking around your house for any sign of breached doors or windows. Well, compromise assessment serves the same purpose too!
Compromise assessment helps to identify whether the network security or systems are compromised.
Potential compromise can discover within your organization from identifying footprints left by attackers, suspicious attack indicators in the network, and the discovery of abnormal usage of computer resources.
The presence of unwanted guests will threaten the security of your business. Once the attackers are in our network and systems, it is difficult to predict when they will make the next move; they may be staying dormant or actively exfiltrating critical information assets from your organizations. As long as they decide to stay persistent within your network, they will remain a threat.
Any unauthorized activities can bring tremendous financial losses and damages to your company; conducting an effective Compromise Assessment may assure that your environment is clean.
Learn more about LGMS Compromise Assessment.
Vulnerability Assessment checks on weaknesses of a specific subject; Compromise Assessments hunt for any signs or potential evidence of compromises in your entire infrastructure. Imagine your infrastructure as a house.
Vulnerability Assessment checks for the security of the doors, windows, and the design of your fence, but whether or not any rodents or pests live in the house, we will not be able to tell. Vulnerability Assessment focuses on testing the effectiveness of Controls security (e.g., “Door locks, Windows, etc.).
To find out if unwanted rodents or pests are living in your house, we need to apply a Compromise Assessment: We will check behind the walls, under the floor tile, space in between the roof and ceiling, even the pipes under the kitchen sink, hunting for any unwanted rodents and pests. The same analogy applies to a professional Compromise Assessment on business infrastructure. A professional compromise assessment shall cover all business infrastructure angles, from endpoints, network devices, servers, IoT devices, and more.
Vulnerability Assessment and Compromise Assessment serve a different purpose of security scanning, engaging with a professional cybersecurity consultant to carry out the specific tasks to meet your organization’s business objectives.
Compromise Assessment is a fusion of both manual and automated analysis work. Software alone is not enough to identify compromise or signs of compromise. We need human intelligence to uncover even the tiniest bits of clue during compromise assessment, to ensure that we do not miss out on any potential hidden threats.
Only engage with Professional assessors who have extensive experience, particularly in Incident Response, Threat Hunting, Digital forensic, and Malware Analysis. View more for Standard of Achievement.
This is the biggest myth about Compromise Assessment: Deploying EDR Solution.
Compromise Assessment is NOT just about deploying another brand of EDR Scanner. Many factors need to be considered before bringing another brand of EDR to deploy into a business environment.
The followings are the business-critical questions that we need to address:
Compromise Assessment may be a new form of exercise in the local market. Many vendors simply assume that by deploying EDR tools they will be able to deliver a compromise assessment. This is misleading and dangerous; it creates the illusion that can do a compromise assessment by bringing in branded EDR products or product principles.
Simply deploying another brand of EDR software may potentially bring impact in the following perspectives:
Organizations are recommended to have the following in place to have an effective compromise assessment effective:
An effective compromise assessment shall cover all angles of hiding points of potential Hackers. This basically means that we will cover all different infrastructure layers: network, application, and servers even to study past events within the infrastructure. There will be the utilization of a combination of commercial and proprietary tools to make the compromise assessment complete.
Be careful not to be misled by vendors who advocate bringing different brands of EDR into your environment. Particularly the vendors who also happen to be the reseller of such EDR products. In this case, their intention is obvious.
In any form of fair assessment, the assessor shall always be free from being a product or solution representative. This is to provide the highest level of assurance to the client that whatever advice and recommendation provided by the assessor will be accurate to the client’s environment and the client’s needs.
The assessor’s opinion shall always be objective, neutral, and product agnostic. This is only possible when the assessor does not have any affiliations in selling products and solutions directly related to the assessment work.
Critical points to remember:
Engage with neutral experts who do not sell any security products and solutions. Refer to the experience in handling actual cyber incidents.
Visibility is the key success factor in managing security. We cannot manage what we cannot see.
The closer we have in-between compromise assessments, the better visibility we will have on our infrastructure. We recommend you shall do a compromise assessment at least on an annual basis.
How often to conduct compromise assessment is based on your organization’s risk strategies. Hackers develop new techniques and tools to compromise systems at exponential rates.
Get in touch with LGMS today. Our professional consultants will be able to provide a quick assessment of your needs.
Alibaba is promoting LGMS Advanced Penetration Testing and Security Assessment worldwide. Read more
IDC regards LGMS as one of the leading IoT pen test vendors in Asia Pacific, amongst others like Symantec, IBM, Huawei, and etc. Read More
TÜV Austria Cybersecurity Lab is established in Malaysia, as a joint venture between TÜV Austria and LGMS. The lab is to provide cybersecurity testing and certifications to organizations worldwide.
LGMS Reports are accredited by TÜV Austria, to be accepted as part of the certification compliance baselines for various TÜV TRUST IT certification programs. Read More
Understand Compromise Assessment Myths & Facts in 15-min.
Do you know that Compromise Assessment is not just about deploying another brand of EDR Scanner? From this video, you will learn what’s the biggest myth about Compromise Assessment. Let’s listen to the industry leader, #CEO of LGMS- Mr. Fong Chook Foong to talk about Compromise Assessment in the real world. Watch on YouTube
About LGMS
The leading cybersecurity expert in Asia trusted by multinational corporations around the world. LGMS is a cybersecurity consulting company focused on delivering specialized cybersecurity assessments, consultations, and advisory services. Established in 2005, LGMS has since built a reputation for its integrity, values, and best practices by providing world-class professional services to local, regional, and international clients across various industries and backgrounds. Visit www.lgms.global for more information.
Click in for information about LGMS services
For more, follow us on
LGMS YouTube Channel: LGMS Penetration Testing Expert (LE Global Services)
LGMS Facebook Page : lgms.global
LGMS Linkedin Page: lgms-global
LGMS Instagram ID: lgms.global
LGMS TikTok: www.tiktok.com/@lgms.global
More news about LGMS: