Insider Threat Assessments
Our insider threat assessments address threats posed by trusted individuals and assets. Whether it’s a rogue employee, a nefarious contractor, or an honest user who has fallen prey to a sophisticated phishing or malware attacks, this service looks at weaknesses and malicious opportunity from the perspective of a user who already has access within the environment.
Insider threat assessments are designed to test security controls already in place, to test the rigor of security configurations, identify areas of lax access controls, and to test the defensive mechanisms in place to spot and respond to abuses.
As part of our insider threat assessment, we will:
- Attempt to gain local access to the corporate provided device
- Attempt to identify sensitive data within data repositories that should be protected
- Attempt to exfiltrate data
- Attempt to bypass security controls using unauthorized VPNs, reconfiguration of security controls, or any other means available to the user
- Attempt to deploy offensive security tools without detection
- Assess the risk and impact of a limited-access employee’s access to sensitive data, critical assets, and the greater IT infrastructure as a whole
Assume the same level of access as provided to third-party vendors to attempt to bypass security controls with the provided connectivity and simulate a malicious third party or compromised vendor