We attack your organisation, while you try to defend & mitigate.
Evaluate your detection & response capabilities.
Learn from a specific scenario to minimize real damage from a real attack.
Ground your security investments in evidence and real numbers.
A scenario based penetration test is not like traditional penetration tests. Traditional penetration tests usually focus on discovering vulnerabilities using a very limited scope, covering only a narrow aspect of the organization’s IT landscape.
Scenario based penetration tests have a bigger (organization wide) scope, and have different goals, namely: how resilient and/or mature is the organization to defend against real world attacks.
Using a Red Team engagement you usually emulate a certain threat actor by performing a cyber-attack on the whole organization following the tactics and methodologies of selected threat actor(s). With a scenario based pentest you are able to run a specific scenario's and are able to by-pass certain steps. If you want us to investigate a scenario from for example a server, we don't need to setup phising but start with a leg-up right away.
Our multidisciplinary team of seasoned and highly motivated professionals will test your organisation against real life scenarios.
We compose our team based on the following expertise that suits your scenario.
“During a scenario based pentest, we simulate a highly sophisticated attack on your organization. The findings are usually a huge wake-up call, motivating you to increase your resilience.”
Based on active threats in your industry.
After a scenario based pentest, depending on the findings and exposed risks, there is more or less work to be done: vulnerabilities must be repaired and risks adequately reduced. Where necessary, we advise clients on repairing vulnerabilities found and making adjustments to the software and organization.