enrapture-media-267389_bearb.jpg
 

1

Cyber Defense Assessment

The Cyber Assessment is designed to evaluate the practical defense capabilities of your organization and the readiness to handle a cyber-incident or cyber-attack.

The assessment is based on the 3-layer defense process:

 

 
 

1. Prevention

The organization’s abilities to stop cyber-attacks by means of protective mechanisms designed to stop security incidents from occurring externally and internally.
 

2. Monitoring and detection

The organization’s ability to effectively monitor traffic, data, network behavior and being able to identify an incident at early stages.
 

3. Response

The organization’s ability to handle a cyber-incident once it has been identified by effectively blocking, containing and remediating an attack, with minimum impact on the organization.

 
 

2

Penetration Test

A high level sophisticated penetration test which focuses on information assets rather than on information systems. This attack simulates a motivated hacker or team of hackers, which targets a specific asset in an organization, be it source code, emails, financial information, general production environment, SCADA environment or any other organizational asset.

The team will use all means necessary, within given financial limitations, in order to get access. The attacks can include custom developed tools and research in order to bypass security appliances and software on the client's premises.

 

Tests will include the following:

  • Social engineering

  • Malware manipulations

  • Advanced Phishing (internet or cellular)

  • Circumventing protection systems

  • Resilience of network separations

  • Manual and in-depth testing for logical problems in the infrastructure's architecture and settings

  • Use of external dark-web tools for filtering, decoding, bypassing and “crypting”

 
 

3

Remediation + Forensics

We provide high level digital forensic services in various different forms, in order to identify, contain and neutralize cyber-threats and to enable the investigation of a specific mobile, network and PC event or incident.

 

 
keycap_9.png

Network Forensics

To identify malicious activity and security misconfigurations in an organizational network using traffic analysis in order to detect malware/attackers.

 

server.png

Server Forensics

To identify malicious activity in order to detect malware or unauthorized activity on a specific server or machine.

 

pc.png

PC Forensics

To identify malicious software on the examined device and reconstruct the origin of the malicious activity.

 

 
 

4

Cyber Intelligence

A uniquely developed technology and an array of tools that optimize the ongoing intelligence information collection and analysis, in order to create an effective and reliable intelligence grid. This enables the identification of leads, allowing our team of specialists to follow those leads and to investigate and report information from a variety of sources ranging from the indexed web, the deep-web and the dark-net.

    The features of this service are:

    • 24 hour automated information collection

    • Extensive coverage of deep-web sources

    • Unique Intellectual Property – DUA (Digital Undercover Avatars). This technology allows the automated operation of digital avatars to infiltrate groups

    • Analysis tools

    • Process based Intelligence Lead Management Systems allowing effective intelligence follow up and reporting

    • Security risk management
     
     
     

    5

    Advisory Services

    22kN can advise and consult your business in various approaches:

    • Security Program Review / Development / Remediation
    • Infrastructure Design / Assessment / Remediation
    • Penetration Testing
    • Vulnerability Assessments
    • Social Engineering and Facility Breach Exercises 
    • IT Risk Assessments / IT Audit and Compliance Engagements 
    • Incident Response 
    • Digital Forensics / Litigation Support 
     
     
     

    6

    Training and Awareness

    We provide a vast selection of cyber training courses, seminars and workshops for private and public companies at all technological levels, all of which are custom made for our client’s specific requirements.

     

    Custom made

    Our hands-on experience in fully establishing operational cyber units for various state and private level organizations allows us to offer extensive training, ranging from architecture and design of technologies as well as operational systems through procurement of tools, software, infrastructure and applications.

     

    Proven track record

    Building and training cyber units and cyber teams provides us with a unique experience of end to end training of various levels of personnel and a vast experience in maintaining an ongoing qualification process for cyber related skills and abilities.