Do you want to switch the language?

Test your SOC

How reliable is your Security Operation Center?

A simulated attack will tell you.

Like any technology used in a company, a SOC must be constantly adapted and improved.

The RED team at CANCOM Austria has designed a specially developed audit module for checking the in-house SOC and also third-party SOCs. By simulating a real attack

  • enables a transparent view of the company's IT.
  • the entire OT environment is also included.

In contrast to a traditional audit approach, attacks are divided into different classes and executed in a structured manner. The volume and intensity of the attacks is continuously increased until the SOC can successfully identify the attacker (success of the SOC) or all attacks from all classes have been executed (success of the attacker).

Contact us for a non-binding consultation

Added value for your company

Procedure

Controlled & traceable process

The module is divided into three phases, also known as tiers. These serve to ensure a controlled and comprehensible course of the exercise.

In the first phase, attacks are used that are difficult to distinguish from regular employee behavior. In most cases, this first phase remains undetected.

The second phase is an advanced infiltration. Here, vulnerabilities that have already been identified are actively exploited. Malicious code is loaded onto the infected systems and directories are numbered using atypical queries.

In the third and final phase of the exercise, attacks are carried out that can compromise the entire IT landscape.

Your advantages

Experience and know-how
  • The module requires a high level of knowledge and experience. It benefits greatly from the actively conducted RED team simulations and has been derived directly from the team's many years of experience in the audit area.
  • Another advantage is that the attacking RED team can draw on many years of experience through joint exercises with its own BLUE team of defenders (CANCOM Cyber Defense Center). This unique combination has made it possible to develop the necessary knowledge and structured procedures to create a high-quality, target-oriented exercise.

CANCOM Cyber Defense Center

Reference - Wienerberger Group

Every month, 12 million alerts are analyzed and pre-filtered by the analysts at CANCOM Austria. Information about the threats relevant to us is processed and enriched with recommendations for action.

// Christoph Schacher, Head of IT

More references
How may I help you?