Although many of our services are undertaken to discover points of compromise, Feisty Fox Security can help an organization walk through the results of a successful compromise by taking a “what if” approach to an Assumed Breach. By forgoing the exercise of trying to breach the organization, time and resources are utilized only from the simulated point of attack.

As an example, a third party supply chain attack may be utilized due to some initial form of access being provisioned to that trusted third party. As many third parties have access into an environment and are often not considered for security testing (due to NDA or other contractual requirements), it can be difficult to actually understand the security posture of the third party until after an incident.

This is a good starting point for an organisation to perform an Assumed Breach exercise to understand their ability to identify and respond to malicious activity.

A range of example breach scenarios can be provided tailored to any organisation and Feisty Fox Security is happy to discuss unique starting points that make sense for your organisation’s industry sector and specific threat model.