Network Integrity Testing
Foreground will perform a network integrity test with the purpose of protecting your organizational data and preventing data leakage. The only way to be confident that data is not leaving your network is by knowing everything that happens across the network, i.e., capturing all network traffic and reconstructing the network sessions to the application layer for automated alerting and monitoring. We will apply patent-pending customized and tailored analysis through both automated and manual techniques. This includes using toolsets to visually inspect content traversing the network. We enable visibility into content and network behavior to determine if sensitive data, customer personally identifiable information (PII), intellectual property, and other valuable data are protected from accidental and intentional leakage.
Our testing includes a rigorous integrity test to validate the findings and eliminate false positives. Through this test Foreground will draw upon its own intelligence database that includes up-to-date information on that latest advanced threats, possible actors, and associated tools, techniques and procedures. Upon completion of our integrity assessment, Foreground will identify and report on any malicious code or evidence of tampering discovered within the environment. Foreground will attempt to identify a root cause of how this activity occurred and help you forge a roadmap to deal with remediating the findings. The reporting phase will tie together the results from the testing phase and present the analysis of Foreground security consultants including a risk rating with an agreed-upon structure that matches your own risk appetite.
Foreground will provide a detailed report that will identify the following:
- Actual malware on the network including live infected hosts (calling home or getting infected)
- Detailed reports on the infected systems, specific malware, and actions
- Attack/IDS signatures that can be used to further block this activity
- Reports on activity such as C&C or data exfiltration
- Other system connections or activity from that compromised system(s)
- Advanced threats
- Attribution on the attack sources or actors
- Inappropriate network use or activity reports
- Data loss (PII, SSN, or credit card information)
- Employee web and email usage
- Rogue SMTP or FTP servers
- Chat programs
- Geo-location issues and reports
Reports will show detail on activity in or out of your network(s) based on geo-location information including known dangerous location reports.