Security Control Assessment
A Razorthorn Security Control Assessment provides a complete view by testing organisations’ network security and detection tools against current and emerging threats. The evaluation simulates over 11 thousand attacks and techniques, including phishing and ransomware, allowing clients to quickly identify and mitigate threat coverage and visibility gaps. The results of the evaluation include easy-to-apply prevention signatures along with SIEM and EDR detection rules, while also mapping the results to the MITRE ATT&CK framework.
Questions That Razorthorn Can Help to Answer
- How secure is your organisation right now?
- Are you able to prevent against the latest exploits and threats?
- Where are our most critical exposures and vulnerabilities?
- How do we translate cyber risk to business risk for the board?
Benefits of a Security Control Assessment
Identify security weaknesses and visibility blind spots
Validate the effectiveness of controls and processes
Address exposures with prevention signatures and detection rules
Rationalise cyber security investments through security validation
Optimise SIEM and EDR threat detection capabilities
Post-acquisition performance improvements
Assess new controls before purchase
The Razorthorn Approach
Razorthorn’s Security Engineers will select attacks from a rich threat library of over 11k real-world threats, updated daily to reflect the latest tactics, techniques and procedures (TTPS)
- 7000+ Malware attacks
- 2000+ Web application attacks
- 1000+ Endpoint attacks
- 900+ Atomic attacks
- 750+ Vulnerability exploit attacks
- 250+ Data Exfiltration attacks
- 100+ Adversary Group/Malware scenarios
Challenging the effectiveness of the client’s existing security controls continuously and on-demand
- NGFW, WAF and IPS
- EDR and EPP
Validate security controls
Measuring the effectiveness of the client’s security tools to prevent, detect and respond to attacks
- Validate log source and telemetry ingestion
- Validate detection and alerting rules
- See results mapped to MITRE ATT&CK
Identify and address the highest priority gaps in the client’s current ATT&CK coverage, receiving actionable insight and content to mitigate
- A library of 70K + easy-to-apply prevention signatures and detection rules
- Insights to aid priorisation of new telemetry and log sources
The technology Razorthorn Security engineers utilise to run the security control evaluation integrates with the most commonly used next-gen firewall, intrusion prevention system, web application firewall, SIEM and EDR technologies to help our clients keep their existing security solutions ready against the most advanced attacks.
If you’re looking for an affordable way to evaluate your security controls, you’re in the right place. Ensure your controls are set up correctly and operating as intended with our assessment, carried out by our team of experienced cyber security consultants.