This post was last updated on July 29th, 2021 at 04:26 pm
Infocyte ASSESS - Agentless Threat Assessments
Look beyond the traditional Threat or Compromise Assessments
Discover hidden threats — past and present — with the only agentless SaaS platform built for independent threat hunting and cost-effective assessments.
Infocyte offer's a one-time Threat Assessment as a three month engagement for a fixed price, or connect with our network of certified partners.
Why Conduct a Threat Assessment?
As threats evolve to bypass prevention technologies and controls, organizations must periodically validate their IT environments are secure and controls are working properly. The challenge with this is that often an independent review is needed to get a clear, comprehensive picture of your security posture including vulnerabilities and possible cyber threats.
Traditional security assessments only evaluate vulnerabilities and risks of future compromise, they often do not look at past exposure, vulnerabilities, and risks. Only Infocyte’s patented memory inspection can quickly analyze live volatile memory, providing a full view of past, present, and future events across the life of your operating system.
Infocyte can assess and protect against both endpoint and Microsoft 365 security compliance-related compromises.
Preview Sample Threat Assessments:
Microsoft 365 Security Compliance Assessment
Microsoft 365 (Office 365) risk assessments are typically complex and time consuming. Why not generate an evidence-based report that assesses your Microsoft 365 environment with 42 security checks based on CIS best practices?
SAMPLE ASSESSMENT SNAPSHOT:
Endpoint Security Assessment
With recent zero days and vulnerabilities affecting many organizations, Infocyte is offering endpoint security self-service assessments. Why not generate an evidence-based report that assesses your endpoints mapped to MITRE ATT&CK framework?
SAMPLE ASSESSMENT SNAPSHOT:
Infocyte Threat Assessment Key Benefits:
AGENTLESS OPTION
Most assessments require a permanently installed agent running for several days to set a baseline and detect threats on an endpoint. Infocyte's agentless option simplifies deployment with no pre-install or permanent software agents minimizing impact to your network.
INCLUDES MICROSOFT 365 SECURITY COMPLIANCE REVIEW
Only Infocyte includes Microsoft 365 Security and Compliance providing a comprehensive analysis of your environment across the top attack vectors.
DEEPER ANALYSIS THAN MONITORING OR ANTIVIRUS TOOLS
By leverages our endpoint detection and response platform, Infocyte delivers fast, minimally invasive and cost-effective Threat Assessment that goes deeper than any monitoring or antivirus tool to discover hidden threats.
ASSESS PAST, PRESENT, AND FUTURE RISKS
Infocyte Threat Assessments determine if an attacker is currently active in your network, or has been in the recent past which helps eliminate the gap of only considering future risks to your current security posture.
Software Supply Chain Risk
Knowing all of the various software that your organization uses can be quite complex for many organizations. Having a grasp of what software you have and any associated software supply chain risks is critical to assess your security posture. In addition, it is becoming more and more common for your supply chain to be a significant risk for breaches and critical data loss.
Mergers and Acquisitions
During M&A transactions, Infocyte ASSESS provides buyers with critical technical diligence needed to ensure they are not accepting unnecessary risk from existing compromises. When feasible, a Compromise Assessment should be conducted during the due diligence phase, or at least prior to merging networks.
Post-Incident Verification
A common tactic utilized by persistent attackers is the placement of an alternate backdoor within a network. This ensures that an attacker can maintain access to a network in the event their primary mode of access is discovered and eliminated. Post-incident, Infocyte helps verify that no other hidden egress points remain and that the cleanup process was successful.
Cyber Threat Hunting
Many organizations don't have an in-house threat hunting team. It has become common practice for such organizations to periodically bring in security service providers armed with a threat hunting platform like Infocyte ASSESS to hunt for signs of compromise that may have snuck past security controls and monitoring systems.
Security Program Validation
Whether they struggle with security or employ best-in-class tools, Infocyte ASSESS can validate the effectiveness of current security measures. Infocyte ASSESS identifies any threats that may have evaded security controls and helps you close gaps and eliminate blind spots.
Insurance Provider Due Dilligence
Data Breach and Cyber Risk Insurance providers use Infocyte ASSESS as a pre-existing conditions check, prior to issuing a policy. Insurance providers also use Infocyte as a periodic checkup to validate the insured party is making necessary efforts to detect and report security incidents.
Benefits of Agentless vs. Agent-Based Assessments
Most endpoint detection tools require a permanently installed agent running 24/7 to detect threats on an endpoint. While agents and agentless methods have tradeoffs, the agentless method is preferred in periodic or one-time assessment use cases by both analysts and businesses.
Minimize Change Management
No pre-install or permanent software agents minimizing setup/tear-down and impact to the network.
Tailored Detection Approach
Most agent-based tools rely on monitoring-only meaning the agent has to be in place during the initial compromise to catch it. This leaves significant gaps when performing an assessment for attacker presence after the fact.
Agents have their own vulnerabilities
Agents can be disabled or manipulated by attackers on systems with root-level compromises. Infocyte ASSESS has found many examples of compromises on otherwise well-defended networks when encountering non-compliant or manipulated systems.
“Infocyte allowed us to deliver a full threat assessment and consulting for our customer, in record time without business interruption. Deploying Infocyte was a simple, seamless, 10-min process. Our customer was thrilled with the concrete results provided and elimination of threats, including finding ransomware waiting to strike on critical banking infrastructure.” - President Security Business, MSSP Partner
