Security Control Assessment

A Razorthorn Security Control Assessment provides a complete view by testing organisations’ network security and detection tools against current and emerging threats. The evaluation simulates over 11 thousand attacks and techniques, including phishing and ransomware, allowing clients to quickly identify and mitigate threat coverage and visibility gaps. The results of the evaluation include easy-to-apply prevention signatures along with SIEM and EDR detection rules, while also mapping the results to the MITRE ATT&CK framework.

Questions That Razorthorn Can Help to Answer

  • How secure is your organisation right now?
  • Are you able to prevent against the latest exploits and threats?
  • Where are our most critical exposures and vulnerabilities?
  • How do we translate cyber risk to business risk for the board?

Benefits of a Security Control Assessment

Security risk

Identify security weaknesses and visibility blind spots


Validate the effectiveness of controls and processes

Prevent & detect

Address exposures with prevention signatures and detection rules


Rationalise cyber security investments through security validation


Optimise SIEM and EDR threat detection capabilities


Pre-acquisition assessments


Post-acquisition performance improvements


Assess new controls before purchase

The Razorthorn Approach

Threat library

Razorthorn’s Security Engineers will select attacks from a rich threat library of over 11k real-world threats, updated daily to reflect the latest tactics, techniques and procedures (TTPS)

  • 7000+ Malware attacks
  • 2000+ Web application attacks
  • 1000+ Endpoint attacks
  • 900+ Atomic attacks
  • 750+ Vulnerability exploit attacks
  • 250+ Data Exfiltration attacks
  • 100+ Adversary Group/Malware scenarios

Simulate attacks

Challenging the effectiveness of the client’s existing security controls continuously and on-demand

  • NGFW, WAF and IPS
  • SIEM
  • EDR and EPP

Validate security controls

Measuring the effectiveness of the client’s security tools to prevent, detect and respond to attacks

  • Validate log source and telemetry ingestion
  • Validate detection and alerting rules
  • See results mapped to MITRE ATT&CK

Mitigate gaps

Identify and address the highest priority gaps in the client’s current ATT&CK coverage, receiving actionable insight and content to mitigate

  • A library of 70K + easy-to-apply prevention signatures and detection rules
  • Insights to aid priorisation of new telemetry and log sources


The technology Razorthorn Security engineers utilise to run the security control evaluation integrates with the most commonly used next-gen firewall, intrusion prevention system, web application firewall, SIEM and EDR technologies to help our clients keep their existing security solutions ready against the most advanced attacks.

Security Control Assessment Enquiry

If you’re looking for an affordable way to evaluate your security controls, you’re in the right place. Ensure your controls are set up correctly and operating as intended with our assessment, carried out by our team of experienced cyber security consultants.

  • This field is for validation purposes and should be left unchanged.

Follow Us