Adversary Simulation
Cortex Trace’s range of services provides practical solutions to cybersecurity problems every company faces in the digital world.
Red Teaming
Evaluate your organisation's security controls, procedures and overall security maturity by simulating a sophisticated end-to-end real-world attack
Cortex Trace’s Red Teaming service leverages and combines various adversary simulation capabilities to perform a realistic, sophisticated attack with a pre-defined objective. This objective, for example, can be accessing a specific sensitive network zone, extracting confidential data or gaining administrative level access over the environment.
The engagement is structured to contain a set of pre-defined stages which typically include reconnaissance, initial compromise, establishing persistence, privilege escalation and pivoting, and data exfiltration.
Assumed Breach
Assess your defensive readiness for the scenario where a sophisticated threat actor managed to establish an initial foothold on your network
There is a high probability that a persistent, sophisticated attacker can eventually compromise your organisation’s first line of defences. This incident usually happens by social engineering or by compromising a device or service on your network edge. These attackers have one vital advantage over ethical offensive security teams: they are not constrained by engagement timeframes. By assuming that a breach would eventually happen, the length of this exercise can be significantly reduced compared to an end-to-end (Red Teaming) test, while still delivering the majority of the benefits.
The Cortex Trace team always works towards a pre-agreed set of objectives while performing an Assumed Breach Simulation. This objective, for example, can be accessing a specific sensitive network zone, extracting confidential data or gaining administrative level access over the environment. Our team of experts will also adjust the sophistication of the attacks performed to match your organisation’s level of security maturity. The most common starting point is either a workstation in your environment or an unauthorised device connected to your network.
Perimeter Assessment
Map your publicly exposed resources and uncover attack surfaces you might not be aware of
Penetration testing is an effective way to measure the security of your hosts and applications. It is however heavily restricted in scope.
It is not unusual for an IT department to have an incomplete view of digital resources the organisation exposes to the Internet. Development environments, misconfigured devices or test systems might be publicly available and offer an easy way for attackers to breach the external perimeter of your organisation.
Our perimeter assessment service hunts for Internet exposed systems associated with your business and outlines your potential attack surface. Any easily exploitable vulnerabilities are reported together with a list of identified resources that can help you to understand your current security posture.
OSINT Analysis
Research and collect information from the Internet and the Darknet to understand risks and threat actors that might be targeting your organisation's infrastructure and personnel
Our threat intelligence experts will assist in determining which hostile actors are out there, their motive for potential attacks, and which tactics, techniques and procedures they may use to attempt their intrusions.
This iterative engagement type focuses on key assets and people. Cortex Trace then contextualises the gathered information and generates a personalised “threat report” with valuable information you can use to protect your .
Social Engineering