Internal Infrastructure

What Is It?

Your internal infrastructure is the backbone of your organisation. It is what is within your organisation and is the network that powers your server estate, provides connectivity inside your offices, manages your employees’ devices, supports your interactions with customers and so much more.

Why Assess It?

There are many reasons to conduct an internal infrastructure security assessment, five of which are below.

The Inside Threat

You can have the strongest defences possible externally but your most business critical functions need input from the inside too, whether this is from employees or systems communicating with one another. Every input is a potential attack avenue and threat actors will rely on vulnerabilities in your internal infrastructure to achieve their goals.

Manage Technical Debt

Employees of an organisation come and go but often legacy systems reside for extended periods. Without the people who know about them, they can often linger and pose real security threats. With an assessment of your internal infrastructure you can find and understand the risk posed by any legacy systems.

Build Resilience

Through exercising your internal infrastructure security controls you can validate how threats affect your organisation, ensuring that any security incidents are effectively compartmentalised whilst keeping your ongoing commitment to protecting customer, employee and supplier / partner data securely.

Conform to Compliance

Regular assessment also assists with compliance, such as Payment Card Industry (PCI) standards as well as reducing the likelihood of fines being imposed in the event of a security incident. The UK’s Information Commissioners Office (ICO) can issue fines up to £17.5m or 4% of global annual turnover, whichever is higher.

Validate Defensive Capability

An internal infrastructure assessment is designed to mimic a genuine threat actor. This allows you to see if your Security Operations Centre (SOC) and defensive tooling detects, alerts and empowers your response based on the activities conducted within the assessment.

The Agility Cyber Approach

Like all our engagements, we want you to get the most out of your internal infrastructure security assessment and we do this by:

Threat Actor Simulation

We do not just run a network vulnerability scanner and report, we use prior knowledge and a deep understanding of security concepts to creatively find ways of subverting security controls in your environment against objectives that a real world threat actor would have.

Prioritised and Pragmatic Advice

We report what we find but we do not add issues to make the numbers up. We believe in identifying the patterns that affect your infrastructure and helping you to fix their root cause, ensuring you get a higher return on investment from the assessment as well as any remediation effort deployed by your teams.

Pull On Loose Strings

The purpose of emulating a threat actor is to ensure that the full extent of what is possible is understood. We do not just report a high level finding such as a patch is missing with an arbitrary severity rating. We take the time to probe further and, with your agreement, exploit it so that we can give an accurate severity rating and potentially uncover further vulnerabilities from any additional privilege or access achieved.

Upskill Internal Teams

During the assessment we work collaboratively with your defensive teams so they can see what we are doing, we will showcase threat actor techniques as well as exercise your defensive tooling so that you can refine your detection rules and processes.

Never Assume

We pride ourselves on being factual and realistic, we check for all hosts rather than just a list of known live IP addresses, we check all ports and not just the common ones, we review services exposed fully rather than just reporting a port is open and we are always checking for signs of existing compromise to give some examples of our comprehensive approach.

Benefits of Partnering with Agility Cyber

Mutually Invested

Our experts work with you, not against you. There are no egotistical celebrations when a serious issue is discovered, just rapid full disclosure with pragmatic suggestions for effective remediation followed by ongoing support.

Clarity and Simplicity

We always provide clarity, believe in simplicity and value your time. An example is rather than waiting until the engagement starts, we will conduct open source intelligence gathering activities before the scoping meeting to help us understand your organisations position and risk posture thus enabling us to ask better questions, securing you higher value and saving you time.

Full Consultancy

Our team, based in the UK, is technically exceptional but we pair that with business sense to discover, triage and help you remediate the full range of security issues.

Impartiality

We are impartial, we do not sell you products or the latest buzzword laden trending solution.

Outstanding Service

We have an industry leading turnaround, agility is in our name after all. Proposals are shared with you within 24 hours of the scoping meeting. Accurate and complete daily debriefs are given during every engagement. The report is shared within 5 working days at the latest.

Scroll to Top