Compromise Assessment

Q: What is a compromise assessment report?

A compromise assessment report is a specific type of cyber risk assessment that identifies vulnerabilities, active threats, and threats that are lurking on an organization’s network. It gives security teams a clear view of the activity on the network in addition to a comprehensive analysis of the organization’s cyber risk exposure.

Q: What is the relationship between compromise assessment and threat hunting?

Compromise assessments and threat hunting are both crucial aspects of mitigating cybersecurity risks. High-risk organizations in fields like healthcare often have a layered approach to security using one or more techniques. Both threat hunting and compromise assessments analyze cybersecurity controls and response protocols but at different points during the threat lifecycle.

Q: What is the relationship between compromise assessment and incident response?

A compromise assessment is essential for organizations that want to improve their incident response protocols. Responding to incidents quickly and effectively is the key to retaining data. Compromise assessments give cybersecurity teams the information they need to prevent data loss in the future by responding to incidents more effectively. That’s why a compromise assessment report is a key part of cyber incident response.

Q: What is the relationship between compromise assessment and vulnerability assessment?

While a vulnerability assessment provides teams with visibility into potential attack vectors and weaknesses in security, it can’t tell whether or not a network has already been compromised. A compromise assessment also offers network visibility and insights about mitigating those risks, identifying attacks while they are happening, and responding to incidents accordingly.

Q: What is an indicator of compromise?

Indicators of compromise (IOCs) refer to data that indicates the potential that a system has been infiltrated by a cyber threat and company data has been compromised.

Find Cybersecurity Compromises and Prevent Attacks with BlackBerry Cybersecurity Services.

We can help you rapidly determine if your organization is compromised or shows signs of past cyber incidents. And we deliver expert guidance to improve cybersecurity and prevent future attacks. Request a quote or call us now at +1-888-808-3119.

Request A Quote View Services Card

What Is Compromise Assessment?

Compromise assessment is a type of cyber risk assessment that identifies threats lurking in an organization’s network. First, cybersecurity experts identify indicators of compromise (IOCs). Then, they investigate in-depth the risk-prioritized findings. A report shares these findings and identifies ways to reduce the attack surface.

Compromise assessment analyzes cyber risk exposure, such as data exfiltration and sabotage, command and control activities, user authentication abnormalities, malware persistence mechanisms, and vulnerable network host and application configurations. Compromise assessment is part of cyber incident response.

Get the Data Sheet

Compromise Assessment Services

A compromise assessment by BlackBerry Cybersecurity Services has two phases. The first phase is data collection and initial threat hunting. The second phase is a targeted cybersecurity assessment based on the initial findings.

Data Collection and Threat Hunting

In the first phase, you are provided a lightweight package of software and scripts that captures data for the BlackBerry^® Cybersecurity Services compromise assessment team. Collected data includes filesystem metadata from endpoints, log data from network devices, event and alert data from ancillary security systems, and more. Our cybersecurity experts then use cloud-based compromise tools and best-practices methodologies to normalize, contextualize, enrich and format the data. A proprietary analytics engine processes the digital forensics artifacts, and the results are used to identify hosts of interest and suspicious activities for phase two, the targeted investigation.

Targeted Investigation

In the second phase, you receive standalone executables to deploy to the hosts of interest to collect in-depth digital forensics data about the suspicious activity flagged during the first phase. If we discover evidence of a past breach, BlackBerry Cybersecurity Services compromise assessment experts can identify when, where, and how it occurred, and recommend how to prevent recurrence. If a breach is in progress, our compromise assessment service can transition seamlessly to incident response (IR) to trace the kill chain, document exploited vulnerabilities, assess impacts, and develop remediation plans.

Use of AI in Cybersecurity Assessment

Best-practice, field-proven compromise assessment methodologies that leverage artificial intelligence (AI) produce results fast. By integrating BlackBerry^® Cylance^® AI-powered technology into our compromise assessment tools and processes, the BlackBerry Cybersecurity Services rapidly produces preliminary results, often detecting commodity attacks and advanced persistent threats (APTs) within hours of initial data collection.

Find the Best Cybersecurity Assessment Vendor for You

We help organizations of all sizes and in all industries identify cybersecurity risk and protect against cyberattacks. Our compromise assessment service can help you:

Determine if a network has been compromised.
Obtain cybersecurity results in weeks, not months.
Minimize the impact on your IT system resources through a scalable and efficient process that uses dissolvable scripts and a lightweight agent, such as that of CylancePROTECT^®
Assess cybersecurity compromises of Windows^®, macOS^®, and Linux^® operating systems.

BlackBerry Cybersecurity Services are available to every organization. There is no requirement to be an existing BlackBerry customer to receive our compromise assessment services.

Your Compromise Assessment Report

As part of the compromise assessment service, BlackBerry Cybersecurity Services provides a cybersecurity report for your executive team with two parts:

Threat Hunting Report

If we detect a past or current compromise, the cyber assessment report details the findings, including the nature of the compromise, its extent and impact on your network environment.

Attack Surface Reduction Report

Strategic and tactical recommendations provide a risk-prioritized assessment of how you can improve cybersecurity and reduce your attack surface.

Choose the expertise of a top cybersecurity vendor. Contact BlackBerry Cybersecurity Services to discuss your compromise assessment needs.

Resources

Use Case

Compromise Assessment Use Cases: Achieving Cyber Resilience with BlackBerry Cybersecurity Services

Get the Use Case

Data Sheet

Compromise Assessment: Identify and Assess Past Breaches to Proactively Prevent Future Incidents

Get the Data Sheet

Case Study

Case Study: Investment Bank Takes on Cybersecurity

Read Now

Products

Cybersecurity

CylanceMDR

CylanceENDPOINT

CylanceEDGE

Secure Digital Workplace

BlackBerry UEM

BlackBerry Work

BlackBerry Dynamics Platform

BlackBerry Workspaces

BBMe

Critical Event Management

BlackBerry AtHoc

Secure Communications

SecuSUITE

Secure Embedded Software

QNX Software Development Platform 8.0

QNX Accelerate

QNX Hypervisor

Certicom PKI and Key Management

Automotive

BlackBerry IVY

QNX Sound

QNX ADAS Platform

Transportation Tracking

BlackBerry Radar

BlackBerry Radar Asset Tracking

BlackBerry R2 and A2 Sensors

Services

Assess

Red Team / Attack Simulation

Penetration Testing

Strategic Services

Defend

Managed Detection and Response

Digital Forensics

Incident Response

Implement

Cylance Solutions

Secure Digital Workplace

QNX Professional Services

Report an Incident

Report Incident

Contact Support

Solutions

Endpoint Security

Generative AI

Managed SOC

AI-Powered Cyber Defense

VPN Alternative

Network Defense

Ransomware Protection

Secure Operational Technology

Secure Digital Workplace

Secure Anywhere Working

Mobile Productivity

Content Collaboration

BYOD

Secure Browsing

Secure Communications

Secure Voice, Messaging & Conferencing

Crisis Communications

Threat Research

Threat Center

Reports

Research

Tools and IOCs

Embedded Systems

Connected Autonomous Vehicles

Robotics and Automation

Medical Devices

Commercial Vehicles

Aerospace and Defense

Rail

Transportation Tracking

Chassis and Flatbed Tracking

Intermodal Container Tracking

Trailer Tracking

Railcar Tracking and Monitoring

Equipment Tracking