Data Exfiltration Simulation
Testing for SOC response time during a data breach is a specialty Penetration Testing service eVAL offers.
Simulated sensitive data is exfiltrated through various techniques in escalating levels of difficulty to detect in order to identify gaps in logging, alerting, and Incident Response teams.
Penetration Tests are an inch wide and miles deep. The primary goal is to establish persistence within the network and compromise as many high-value targets through active exploitation as quickly as possible, while avoiding detection, and meeting other purpose specific goals identified through a co-operative effort between eVAL consultants and your internal leadership.
The engagement is a covert “assumed compromise” offensive attack levied at IT infrastructure, internal staff, and decision makers commonly referred to as a “black-box” approach. This methodology closely models legitimate attacks by real-world Threat Actors and Advanced Persistent Threats.
Network Penetration tests are priced according to the specific goals outlined, the length of engagement, and the number of scoped assets. Testing averages for most clients fall within a 1 - 2 week engagement, plus 1 additional week for reporting.
A list of in-scope target IP addresses and individuals is the only requirement for this engagement.
The deliverables include a comprehensive network penetration analysis report with remediation information, and an Executive Summary of the attack scenario with objectives achieved.