A key component in understanding the total valuation of a company is determining its security profile and associated risks, even from within its network. Any compromise assessment should revolve around the following questions:
With Kroll’s cybersecurity compromise assessment, our world class experts investigate to detect past and ongoing cyber incidents within an organization’s internal environment and provide mitigation steps to resolve any security events. This assessment can help facilitate better-informed business acquisitions and help determine whether an organization is currently at risk or has been previously compromised.
A compromise assessment is an exploratory incident response investigation in which experts use specialized forensic tools and investigative tactics to analyze an organization’s environment, pinpointing signs of attacker activity, both past and present.
This assessment can also enable organizations to highlight critical weaknesses in their cybersecurity controls and practices and put mitigation steps in place where necessary.
Kroll’s compromise assessment process includes:
Summary findings of the assessment may include, but are not limited to, the following:
We leverage our forensic and incident response expertise in responding to 3,000+ engagements every year to assist in addressing current threats and advising on further incident response actions and any other additional investigative steps required.
A cybersecurity compromise assessment can uncover both past and current activity on a network. If this type of activity is actively identified during the course of the compromise assessment, Kroll can immediately pivot, leveraging the same tooling and endpoint coverage, into incident response and undertake forensic analysis on affected hosts. This involves:
Performing a compromise assessment differs from a vulnerability assessment in a myriad of ways. While both are crucial, each serves a different purpose in ensuring the security of a network.
Compromise Assessments: Wide-Ranging Insight Into Past and Present Malicious Activity | Vulnerability Assessments: Proactive Evaluation for Identifying Weaknesses |
---|---|
A compromise assessment determines the current security status of a network, including any active threats or indications of past malicious activity. This provides organizations with wide-ranging insight into their security, allowing them to reduce the risk of future attacks and identify ineffective security practices that could be compromising their security. | A vulnerability assessment is performed to proactively evaluate a network for weaknesses through assessment tools and manual attack techniques. This can help improve an organization’s security posture and make it less susceptible to a breach. While these types of engagements are designed to search for security vulnerabilities, unlike compromise assessments, they do not detect existing compromises and related underlying attacker activity. |
A compromise assessment delivered by proven experts can provide critical insight into the security of your network—and assure the continued security of your organization. Kroll clients can include a compromise assessment in Kroll’s cyber risk retainer, as part of M&A due diligence review, or a network merger, post-acquisition. A cyber risk retainer provides prioritized access to elite investigators and the flexibility to allocate credits to all other cybersecurity solutions offered by Kroll.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.
Proactively identify vulnerable systems and devices that may be exploited by an attacker or malicious software, often resulting in data loss or breach.
Kroll's computer forensics experts ensure that no digital evidence is overlooked and assist at any stage of an investigation or litigation, regardless of the number or location of data sources.
Kroll's expertise establishes whether data was compromised and to what extent. We uncover actionable information, leaving you better prepared to manage a future incident.
Find, collect and process forensically useful artifacts in minutes.
With a global mobile device forensics team and a proven track record in investigation and litigation support, Kroll enables key digital insights to be accessed quickly and securely.
Validate your cyber defenses against real-world threats. Kroll’s world-class penetration testing services bring together front-line threat intelligence, thousands of hours of cyber security assessments completed each year and a team of certified cyber experts — the foundation for our sophisticated and scalable approach.
by Carla Nunes, David Larsen
by Thomas Bock, Fernanda Barroso, David Lewis
by Josh Benn
by David Scott, Miguel Peleteiro, Diogo Pais