Our cyber threat intelligence assessment using the open-source intelligence (OSINT) methodology entails collecting information about your organisation from publicly available sources. Our goal is to provide you with a threat assessment based on information that hackers have access to and are known to use when preparing to launch a cyber attack. We don’t merely collect data, we analyse the data and disseminate it to you in terms of actionable recommendations.

During a cyber threat intelligence assessment, our ethical hackers treat your organisation as their target and gather the information that they would use to launch an effective attack. The kind of information that we look for when performing a cyber threat intelligence assessment is the kind that could be used to help attackers impersonate a high-level decision-maker, launch more effective cyber attacks, initiate social engineering campaigns, and subsequently compromise your security. This information is used to prepare, prevent and identify cyber threats that might take advantage of this publically available information.

An example of such an attack could be when a hacker surveils your CEO, sees that he will be on vacation (via social media), and impersonates him (via a spoofed email) to request an urgent payment to a “supplier.” Social conventions being as they are, people will want to impress their superiors with fast action, thereby avoiding any authentication process, allowing a hacker to walk away with thousands of euros.

Our cyber threat intelligence service includes techniques such as:

  • gathering general information about the target organisation;
  • performing a thorough network analysis through DNS and sub-domain enumeration techniques;
  • identifying the organisation’s internet footprint including details on key personnel and source code leaks;
  • non-invasive assessment to discover weaknesses that are exploitable on the network, along with any unauthorised routes into the target network.
Review our other types of security and penetration testing services to see how we can provide a solution to your needs. We also offer vulnerability scanning, web application penetration testing, mobile application penetration testing, infrastructure penetration testing, and wireless network penetration testing.

Delivery Methods

Our security testing services can be provided via two methods that can be mixed and matched to create an overall testing solution that fits your needs perfectly. For instance, you might require a thorough infrastructure penetration test (delivered locally) or a cyber threat intelligence assessment (conducted remotely). 

Project-based

Projects are fixed scope engagements of a predetermined time frame. Projects can be delivered locally at your office alongside your team or carried out remotely from our offices in Amsterdam or Kiev.

Contract-based

Contracting is a method of rolling engagement where a tester is contracted to join your organisation to deliver the required testing. Contract-based work can only be delivered locally, typically from within your team.

Contact Us

For more information about how penetration testing can help you secure your applications and networks, contact us using the contact form below or call Baruch Annink at +31 (0) 646 955 406.

top