It was cold in Washington DC that January. Noah and I were taking a SANS training (SANS is the leader in cyber security training). The course we were taking is one of the most advanced Penetration Testing courses SANS offers, the topics cover cutting-edge hacking techniques that many enterprise cyber security tools are building defenses for.
We ended up working late on the labs trying to write an exploit with ROP Gadgets (you don’t need to know what the heck that is). While these are okay methods to know as a penetration tester, most modern Operating Systems reduce the effectiveness of these and they are rarely used.
As Red Team Operators, our jobs were to “emulate an adversary”, sometimes we emulated nation-state actors using advanced tactics, and sometimes we emulated low sophisticated actors, using the lowest level of sophistication necessary to get us into a network. Guess what worked almost every time.. that’s right, phishing emails. Once we were in, we weren’t using ROP Gadgets, we were exploiting the fact that networks weren’t segmented, file shares had sensitive information, and no one was watching.
At the same time, advanced tactics were getting all the attention, enterprises were demanding the tools to detect the advanced tactics and cyber security vendors were charging for the demand.
The small business is left reeling. Headline after headline about cyber security. Have you ever been hacked? Probably, most businesses have had an incident. Who did you call? Local Law enforcement can’t do much about it, the FBI isn’t interested in the little fish, and your local IT company might not have a good idea of what to do next either.
That’s where Adversis comes in. We believe in democratizing cyber security. It shouldn’t be ambiguous. Like running your business, you have procedures. Taxes, payroll, billing, it’s all defined. Now cyber security is too. With Adversis Continuous Security, you have your business scanned for threats, your employees being trained, and a simple roadmap for building cyber security resilience.
The technology and experience built into Adversis Continuous Security is best in class. We’ve run social engineering and phishing engagements for many global organizations. The roadmap is built from industry standards with a twist, we’ve applied our offensive security backgrounds to prioritize and make sense of them for you.
Get in touch today!
Adversis ACS: https://acs.adversis.io