BlackBerry Security Services Compromise Assessment

Find Current Compromises - Prevent Future Attacks

The BlackBerry® Security Services Compromise Assessment (CA) will rapidly determine if your organization is currently compromised or shows signs of past or compromise or security incidents.   We will provide a detailed report of any threats found and suggestions to prevent future attacks.
Service Overview

Service Overview

BlackBerry Security Services experts employ an AI-enriched best practices methodology for Compromise Assessments. Consultants hunt for anomalous and suspicious behaviors, investigate related threat actor activities, and report on these activities. All Compromise Assessment engagements address the twin domains of threat hunting and attack surface reduction and proceed from initial to targeted assessment phases when necessary.

How it Works

Phase 1: Initial Assessment

In this phase, you will be provided with a lightweight package of software and scripts for capturing the data the BlackBerry Security Services CA team will need. This typically includes filesystem metadata from endpoints, log data from network devices, event and alert data from ancillary security systems, and more.  Next, the team utilizes proprietary cloud-based tools and methodologies to normalize, contextualize, enrich, and format the data. The resulting forensic artifacts are processed with a proprietary analytics engine and reviewed by the CA team to identify “hosts of interest” and activities that require further investigation.

Phase 2: Targeted Assessment

During targeted assessment, standalone executables are deployed to the hosts of interest to gather more in-depth forensic data about the suspicious activity flagged during the initial assessment. If an active breach is detected, the CA team can immediately transition into incident response, utilizing best practice IR methodologies to trace the kill chain, document exploited vulnerabilities, assess impacts, and craft remediation plans. 

Why BlackBerry?

Choose BlackBerry to identify areas of risk to better protect your organization against a future attack.

  • Proactively determine if a network has been compromised
  • Obtain results in weeks, not months
  • Experience limited impact on system resources through a scalable and efficient process — launched through dissolvable scripts and/or the BlackBerry® Protect agent
  • Receive assessment coverage of Windows®, macOS®, or Linux® operating systems

Deliverables

At the conclusion of the assessment, a comprehensive report is provided to your executive team with findings and recommendations for:
Deliverables Deliverables Deliverables
Threat Hunting Findings: If a past or current compromise has been detected, the report will detail its nature, extent, and impacts on the environment.
Deliverables Deliverables Deliverables
Attack Surface Reduction Findings: Strategic and tactical recommendations for improvements to your organization’s security posture will be detailed, along with a risk-prioritized assessment of attack surface reduction opportunities.

How confident are you in knowing whether or not your organization has been compromised? Contact BlackBerry Security Services or your technology provider to discuss your incident response needs.