OUR CUSTOM SOLUTION
Empower Your Team
The Ransomware Impact Assessment is a consultation program that allows you to simulate a customized ransomware attack scenario, including the tactics, techniques, and procedures (TTPs) used by today's most prolific ransomware gangs Using the cyber kill chain model and actual ransomware behavior, you will gain valuable insight into how your security ecosystem responds at each stage of the defense process.
With The Ransomware Impact Assessment, you will receive comprehensive training on the methodologies of ransomware attacks, persistent threats, and malware attacks based on the Unified Kill Chain model. You'll learn how attacks are performed and what lessons can be learned.
Our Cymrix experts will work with your team to review your assessment goals and objectives. We'll ensure that the simulation is connected to our management console and that all configurations are complete. Using OSINT research, we'll develop customized attack scenarios, tactics, and techniques that mimic the actions of an actual attacker. We'll then run safe-by-design, real-world ransomware attacks across the cyber kill chain on a single Windows device of your choice.
After the simulations are complete, we'll provide you with a detailed report that includes the results of the execution, security control performance at each layer of the attack, and specific recommendations for remediation, business continuity, and disaster recovery.
01
EVALUATION
Our team evaluates your assessment goals and objectives.
02
TRAINING
We provide you with comprehensive training based on the Unified Kill Chain Model.
03
SIMULATION
We simulate customized ransomware attack scenarios on your network.
04
REPORTING
We provide a detailed report with remediation and mitigation recommendations.
The Simulation Process
Our team works closely with you to deploy and execute the Cymrix simulation agent on Patient-Zero(s). In a typical RIA, the simulations take place in three phases:
PHASE ONE
Zero Knowledge
The simulation agent is executed with no knowledge of the internal environment. This is intended to simulate an attack by a well-known vector against the current security controls
PHASE TWO
Zero Day
The simulation agent is
“whitelisted” by the current security controls (endpoint security, EDR, antivirus, etc…) for the purpose of simulating an attack utilizing a zero-day vulnerability or other vulnerabilities where there is no current defense
PHASE THREE
Captured Credentials
The simulation agent is provided with elevated credentials for the purpose of simulating an attack where the credentials of an
admin level user have previously been captured
WHY CYMRIX?
A threat-centric approach is essential to making data-driven security decisions.
In the face of ever-changing threats, traditional techniques of analyzing security controls are no longer adequate. Companies need to think like hackers to stay ahead of them. Don't wait for a ransomware attack to happen to your business. Take proactive measures and protect your data today.