TESTING YOUR CONTROLS AND PROTOCOLS

WITH PENETRATION TESTING AND LIVE FIRE DRILLS

CAERLEON BREACH RESPONSE

EFFECTIVELY BALANCING TRADITIONAL APPROACHES WITH LEADING-EDGE INNOVATION

Testing Your Controls and Protocols

Breach Preparation and Response

Caerleon now offers advanced breach response training and vulnerability assessment through system penetration testing and, “Live Fire Drills” for clients seeking to test the effectiveness and timeliness of their breach response teams and protocols.

Summary

  • Caerleon Security can perform tests to measure holistically the effectiveness of an entity’s defenses.
  • These external tests are the only way to ensure that all defenses are working as they should.
  • We can test your controls – with penetration tests – and your procedures – with fire drill tests.
  • Together they ensure that:
    • The security controls currently in place protect you against cyber data breaches.
    • The procedures your teams currently have in place for responding to a breach are efficient and effective.

Click the left and right arrows to see our services.

Penetration Testing

Breach Preparation and Response

  • Imagine you are going on vacation, you invite an expert to attempt to break into your home to test your security system, if he or she succeeds, a note will be left on your counter. Similarly, penetration tests seek to break into your system, test your security and if successful, notify you without causing any harm.
  • Our personnel, who are skilled in deliberate penetration, will simulate a cyber attack to identify your system’s vulnerabilities, allowing you to improve your controls and protect yourself before a real threat occurs.
  • The simulations we execute find weaknesses within the controls of a given system by:
    • Identifying possible entry points to their system through our non-threatening break-in.
    • Analyzing the extent to which a breach could impact business and operations.
    • Producing evidence to support additional investment in security technology and controls to the C-Suite and Board.
  • Types of penetration testing include:
    • Targeted testing: The sponsor’s IT team and Caerleon will work together, and make the targeted test’s being carried out known to all members of the team.
    • External testing: Tests the vulnerability of the sponsor’s externally visible servers such as e-mail servers, domain name servers, web servers, and firewalls.
    • Internal testing: Tests to determine how much damage an employee could cause with standard access privileges.
    • Blind testing: Simulates the actions and procedures of a real attacker by severely limiting the information given to Caerleon’s team performing the test.
    • Double blind testing: Limits the amount of information given to Caerleon’s team performing the test as well as limiting who is informed about the fire drill within the sponsor’s team.

    GET STARTED TODAY

    Click the left and right arrows to see our services.

    Live Fire Drills

    Breach Preparation and Response

    • Just as conducted in school settings for fires, we will run a drill to test how your personnel react in the face of crisis. In this case, the crisis will be a breach. We will be the principal, clipboard in hand, there to observe and record the results.
    • A live fire drill is a practice to measure the effectiveness of an entity’s procedures when responding to a breach.
    • We tailor fire drills to the CISO or Risk Manager’s needs, working collaboratively, we will:
      1. Define the scope and focus of the fire drill.
      2. Determine the small group of people within the organization who will know in advance about the fire drill and who will help stage and monitor it.
      3. Ensure that the resulting analysis of the fire drill will address the needs of the CISO and Risk Manager and will produce meaningful and actionable data.
    • On the day of the fire drill, our Caerleon team will be there to:
      • Observe and document what happened in detail.
      • Be a low visibility coach to our sponsor.
    • After the fire drill, our Caerleon team will:
      • Work with the CISO or Risk Manager to define what should happen based on the results of the breach.
      • Write a report highlighting the areas of the response that were effective and noting the areas that need to be improved.
      • Produce actionable recommendations of improvements for our sponsor to take that are rooted in data and observations made during the fire drill.

      GET STARTED TODAY

      Click the left and right arrows to see our services.

      Our Team

      Breach Response Experts

      Our team is comprised of some of the most cutting edge and accomplished security experts in the world. They have found vulnerabilities for governments overseas, Apple’s Safari, and many other businesses large and small across the globe.

      Contact us in via the form in the following slide to learn more about our breach response team.

      Learn More About Our Team and Breach Response Services

      Breach Response Experts

      Fieldset

       

      Verification

      Contact us via the form in the following slide to learn more about our breach response team.