Our highly qualified penetration testers expose gaps in security to critical systems
Kontex scenario based simulations emulate threat actor’s attacks to evaluate how your cyber security strategy responds. If you already perform regular penetration tests and security reviews you are already doing the right activities to secure your organisation. Scenario based simulated attacks are the next level in security testing and mimic a real attack and your organisations detection and response capabilities.
In order to test the protection of the assets your organisation values most we will work with you to identify your key informational assets. We will devise a number of realistic attack scenarios each using these unique targets and the tactics, techniques and procedures (TTPs) of threat actors in your sector. We will monitor the detect and response capabilities of your internal security team. Following the simulation we will produce a business impact report that will outline the gaps in your organisations security defences and expose the real business risks you are susceptible to.
Kontex seek to provide regulatory testing for frameworks such as Threat Intelligence-based Ethical Red Teaming (TIBER-EU) which enables European and national authorities to work with financial infrastructures and institutions to put in place a programme to test and improve their resilience against sophisticated cyber-attacks.
TIBER-EU is a common framework that delivers a controlled, bespoke, intelligence led red team test of entities’ critical live production systems. Intelligence-led red team tests mimic the tactics, techniques and procedures (TTPs) of real-life threat actors who, on the basis of threat intelligence, are perceived as posing a genuine threat to entities. An intelligence-led red team test involves the use of a variety of techniques to simulate an attack on an entity’s critical functions (CFs) and underlying systems (i.e. its people, processes and technologies). It helps an entity to assess its protection, detection and response capabilities.
Social engineering is used in a variety of ways in modern day attacks to obtain sensitive and useful information to use against an organisation in an attack. Kontex social engineering service is designed to highlight gaps in an organisations physical access and security awareness controls. Our experienced consultants use a mixture of tactics and techniques to expose weaknesses you may not realise you have. We provide actionable remediation advise on how to reduce threat of malicious attackers and ultimately reduce the risk of employee related security breaches.