Does your SOC deliver what it promises?

Sensory test

External and internal sensory test with constantly increasing intensity

Our "sensor test" service offers you the opportunity to check and specifically improve the effectiveness and efficiency of your security systems and processes. We simulate both external and internal attacks with a steadily increasing intensity in order to activate the sensors and monitoring mechanisms used by your security operator or SOC service provider.

The test aims to detect malicious traffic, report incidents and trigger incident response processes. This enables you to respond to security incidents at an early stage, strengthen coordinated alerting and escalation channels and improve your organisation's ability to act.

Does your SOC deliver what it promises?

Companies often invest a large part of their IT security budget in monitoring their own networks, often through external service providers. EDR solutions are also used across the board so that not only the sensors at the company's perimeter can be monitored, but also the numerous client systems. In addition to the comprehensive monitoring of the company's own IT infrastructure, it is particularly important to strengthen the ability to act through fast and coordinated alerting and escalation channels.

With our sensory test, you can check the effectiveness of the measures taken and at the same time identify areas that need to be improved.

Typical attacker behaviour patterns

Our sensor test procedure is carried out in consultation with your IT security managers. We simulate typical attacker behaviour patterns from the outside, starting from the Internet, as well as from the inside, e.g. through compromised individual systems or potential internal perpetrators in the company network. We adjust the intensity of the measures during the test period to ensure gradual activation of the sensors and alerting processes.

Focus on analysing monitoring

It is important to note that our focus is not on covertly moving around the network or attempting actual intrusions. Rather, it's about activating your surveillance systems in a targeted manner and testing how effectively they respond to potential attacks.

The explicit search for possible intrusion paths and vulnerabilities, such as in vulnerability analyses, penetration tests and red team campaigns, is not always part of the assignment. Nevertheless, in consultation with the responsible information security managers, vulnerabilities known from previous audits, for example, can be considered.

Different scenarios conceivable

Various measures can be carried out as part of the sensor test, including automated vulnerability scans with a high probability of detection, attacks against Azure AD, communication from the internal network to the C2 infrastructure (command and control), communication in atypical or supposedly dangerous IP address ranges, simulation of the exfiltration of large amounts of data and web shell communication.

The results of the test enable you to identify the strengths and weaknesses of your security systems and take targeted measures to improve cyber security. A conscious focus on the functionality and efficiency of your sensor technology is crucial to protect your IT infrastructure from advanced threats.

Rely on our expertise and experience in cyber security to strengthen the security of your IT environment and arm yourself against the increasing complexity of cyber threats. Contact us to find out more about our sensor test and our comprehensive security solutions.