What is it
To understand if the service is ideal for your company, we list the main actions taken during its execution:
We provide full support to exemplify, explain and assist in the execution of simulation attacks by your company. In this way, it is possible to have the help of a professional so that your tests really make sense and can bring the expected result rates.
We got our hands dirty and implemented the simulator for the necessary tests on each system used in the company. With that, you don't have to worry, just follow the results together with our team. The implementation process is done very rigorously, assigning each software its main vulnerabilities and testing them on top of that.
Support and additional projects to support
We provide support and support for any attack simulator implementation, carrying out full post-service follow-up and keeping all systems duly updated so that the work continues. As for additional projects, we carry out extensions of what was initially agreed if this is of interest to you. With this, we can carry out new updates, test new systems and assist in the discovery of new weaknesses.
What is possible to simulate?
There are several options, according to your market and mainly the systems used by the company. Generally, for each system, we depend on its version, usage characteristics and basic settings to understand how it behaves and what would be the likely attacks. With this, the simulation possibilities are quite varied and directed to meet the given system. Thus, we can mention as main simulations the SQL injection attacks, or the famous phishings and malware known as the backdoor and trojan horse. The possibilities are endless, but all those involving common and routine attacks are put to the test. In the end, the big goal is to determine how much your system would be able to fight and neutralize the action. Another possibility of the simulator is to validate how the barriers are not only for entry, but for maintenance. For example, how long could malware stay inside your system without being identified. All these variations of an attack are present in the simulations plan.
How is the simulation done?
As we said, first we carry out a complete verification of the system that will be simulated, to understand what its characteristics are and how to carry out the procedure. Furthermore, it is important that all systems are put to the test, so as not to leave any gaps. Along with this, the responsible developer cannot know about which attacks will be carried out, or he loses the whole purpose of the service. Those who will observe the attack need to be able to identify which attack is taking place and what it intends to do. In this way, the simulator will bring insights to this identification, especially in an everyday situation. After that, the whole part of combating the attack will be carried out, how it should be done, what measures to take, the extent to which action must be taken to prevent something without affecting the systems, among others. Countering a running attack requires care, so that you don't have a direct impact on the server itself. Finally, situations of withdrawal and complete neutralization of the threat are also simulated, including tracing possible return routes.