Black Cipher offers proactive and response driven professional services designed to help organizations take the initiative in addressing cyber risk or respond to, investigate, and contain a cybersecurity threat.
Through our qualified and experienced penetration testing team, we offer a full spectrum of penetration testing services. For a full listing of our penetration testing services, see below. Select penetration tests come in black box, gray box, and white box versions.
Network (External and Internal)
360° SECURITY ASSESSMENT
This is our flagship security assessment. It leverages the NSA defense-in-depth model, the CIA triad (confidentiality, integrity, and availability), the business triad (people, processes, and technology), and various aspects of the NIST, MITRE ATT&CK, and CIS cybersecurity frameworks as well as proprietary methods and techniques to identify risk.
This assessment has been exclusively designed to uncover all the major security gaps that can be intentionally or unintentionally exploited, resulting in harm to a business. It is recommended for any business that is interested in reducing and managing their cyber risk.
Our vulnerability assessment is designed to yield a ranked and prioritized list of a computer network's technical vulnerabilities and their susceptibility to various kinds of threats such as local and remote exploits. Organizations can use this assessment to become more aware of specific security risks and get help with identifying and prioritizing potential issues. By understanding their vulnerabilities through a vulnerability assessment, an organization can formulate solutions and implement patches to address associated risks.
A compromise assessment, in its simplest terms, is a proactive and concerted investigation that aims to discover threat actors that are operating in your environment. It looks for evidence of hackers and malware doing things like reconnaissance, beaconing to a C2 (Command and Control) server, exfiltrating data, or moving laterally in your network from one machine to another. In many ways, it is just like incident response but proactive rather than reactive.
Black Cipher's digital forensics services are provided by industry certified and experienced forensic examiners that have testified in both state and federal courts. They are highly trained professionals experienced in gathering evidence for both civil and criminal cases. All investigations are conducted using state-of-the-art equipment while keeping the overall legal process in mind. We always maintain proper chain of custody, proper preservation of evidence, and use only industry-accepted practices for obtaining the evidence that our clients need.
Incident response is a methodical approach to handling and managing the aftermath of a security incident or cyber attack. The objective is to handle the situation in an efficient way that limits damage, shortens recovery time, and reduces costs. Black Cipher provides professional incident response services on an emergency or retainer basis.
Emergency incident response services are available for organizations that have experienced a cyber attack or security incident and need help investigating the root cause, containing the threat, and recovering from the impact. Proactive, retainer-based incident response services are available for organizations that wish to outsource their incident response needs to a professional IR services firm such as Black Cipher.
Our incident response services are composed of the following phases:
Pre-Incident Preparation & Optimization (for retainer clients only)
Threat Identification & Analysis
Post Incident Recovery
Post Incident Analysis & Improvement