Our Services

How to minimize the Cyber Risk without impacting Enterprise Operations and/or even when the ICT infrustructure is still to be deployed

SYSTEM MODELLING

- Automatic modelling of ICT system topology
- Perimeter definition for cyber risk assessment
- Vulnerability Acquisition: Standard, Web, Social Engineering, Source Code

ATTACKER MODELLING

- Skills and Resources available
- Attack Surface and Target
- Insider, Outsider and Social Engineering Attacks
- Known and Customized Worms like WannaCry, Stuxnet etc.

SYSTEM MODEL RUN

- System model building
- Level of confidence of the successful attacks
- Time and probability to reach the target

CYBER RISK ASSESSMENT

- Attack path simulation
- Hacking Probability and Confidence Level for each attack path
- Successful and failed attacks

 

COUNTERMEASURES

- Iterative vulnerability-remediation process
- Final remediation list to eliminate cyber risk
- Minimization of countermeasures to be applied
- Remediation involves patches, HIDS, NIDS, Honeypots, Virtual Machines and Sandoboxes

SYSTEM RESILIENCE

- Stress curves as functions to measure your system robustness under attack
- Curve #1: same target different attackers
- Curve #2: same attacker different targets
- Curve #3: by time, by attacks, by impacts/costs

WHAT-IF ANALYSES

- Some changes in topology
- Suspected Vulnerabilities
- 0-Day Vulnerabilities
- Suspected Attackers and Worms