Services Details

SOC Testing




Generally, the best practice for improving the “blue” team is to have it work hand-in-hand with the “red” team. This becomes a “purple” teaming engagement, in which the red team runs common attack scenarios, such as malware uploads, file extractions, network attacks, and more, with the goal of improving blue team baselining and detection capabilities.

OUR METHODOLOGY

All testing performed is based on the NIST SP 800-115 Technical Guide to Information Security Testing and Assessment, OWASP Testing Guide (v4), OWASP Top 100 Scenarios, and customized testing frameworks.

  • Discover: Client aims are gathered and rules of engagement are obtained.
  • Analysis: Perform scanning and enumeration to identify critical vulnerabilities, weak areas and exploits.
  • Attack: Confirm critical vulnerabilities through exploitation and demonstrate additional impact through the newly gained access.
  • Reporting: Confirm critical vulnerabilities through exploitation and demonstrate additional impact through the newly gained access.