Sensory test
Does your SOC deliver what it promises?
External and internal sensory test with constantly increasing intensity
Our "sensor test" service offers you the opportunity to check and specifically improve the effectiveness and efficiency of your security systems and processes. We simulate both external and internal attacks with a constantly increasing intensity in order to activate the sensors and monitoring mechanisms used by your security operator or SOC service provider.
The test aims to detect malicious traffic, report incidents and trigger incident response processes. This enables you to respond to security incidents at an early stage, strengthen coordinated alerting and escalation channels and improve your organisation's ability to act.
Does your SOC deliver what it promises?
Companies often invest a large part of their IT security budget in monitoring their own networks, often through external service providers. EDR solutions are also used across the board so that not only the sensors on the company's perimeter can be monitored, but also the numerous client systems. In addition to the comprehensive monitoring of the company's own IT infrastructure, the main aim is to strengthen the ability to act through fast and coordinated alerting and escalation channels.
With our sensory test, you can check the effectiveness of the measures taken and also identify areas that need to be improved.
Typical attacker behaviour patterns
Our sensor test procedure is carried out in consultation with your IT security managers. We simulate typical attacker behaviour patterns from the outside, starting from the Internet, as well as from the inside, e.g. through compromised individual systems or potential internal perpetrators in the company network. We adjust the intensity of the measures during the test period to ensure gradual activation of the sensors and alerting processes.
Focus on analysing monitoring
It is important to note that our focus is not on covertly moving around the network or attempting actual intrusions. Rather, it's about activating your surveillance systems in a targeted manner and testing how effectively they respond to potential attacks.
The explicit search for possible intrusion paths and vulnerabilities, such as in vulnerability analyses, penetration tests and red team campaigns, is not always part of the assignment. Nevertheless, in coordination with the responsible information security managers, known vulnerabilities from previous audits, for example, can be considered.
Different scenarios conceivable
Various measures can be carried out as part of the sensor test, including automated vulnerability scans with a high probability of detection, attacks against Azure AD, communication from the internal network to the C2 infrastructure (command and control), communication in atypical or supposedly dangerous IP address ranges, simulation of the exfiltration of large amounts of data and web shell communication.
The results of the test enable you to identify the strengths and weaknesses of your security systems and take targeted measures to improve cyber security. A conscious focus on the functionality and efficiency of your sensor technology is crucial to protect your IT infrastructure from advanced threats.
Rely on our expertise and experience in cyber security to strengthen the security of your IT environment and arm yourself against the increasing complexity of cyber threats. Contact us to find out more about our sensor test and our comprehensive security solutions.
When does a sensory test make sense for my company?
- You spend a lot of money on a managed SOC and want to know what it brings.
- You want to put the processes for detecting malicious network traffic to the test.
- They want facts instead of a sense of security.
- You want to identify where there is potential for improvement.
The colleagues at Laokoon were on hand to answer any questions we had and provided uncomplicated support.
Team Leader Development