The assumption is that an attacker or malware has succeeded in penetrating a workstation PC. We demonstrate what opportunities there are for the attacker to spread from this vantage point and which measures can protect against this. Resilience = testing of the ability to resist attacks.

Scope

• Purely technical review
• Internal view based on the initial situation of an attacker or malware on a workstation PC

Your benefits: what is investigated?

• Connection tests to the internet, as used by malware to contact the command & control server or load additional modules
• Testing the workstation PC for vulnerabilities to privilege escalation (malware simulation)
• Port and vulnerability scanning of the internal network, starting from the office network
• Additional activities depending on the anomalies detected in the testing

Result (output)

• Report with executive summary
• The report contains results and analyses, evidence and recommended measures
• Presentation and discussion of the report online or on site

Available options

• Detailed testing of two server systems of your choice

Customer profile: who is the basic offer of the penetration test focusing on resilience aimed at?

• Companies that want an initial classification of their existing security measures with regard to malware that is already present in the network
• Companies that want a pre-configured basic package for a quick project launch requiring little effort
• Companies that prefer a flat rate
• SMEs and startups

Resource planning: plannable effort for you

This basic package requires an investment of around nine hours. This time is divided up as follows:

• Participation in the kick-off meeting and report meeting
• Setup of a workstation for the tester, including a standard PC & account and an additional network connection for our audit laptop