NetSentries Adversarial Attack Simulation Exercise


NetSentries Adversarial Attack Simulation Exercise(NAASE) encapsulates the best practices of Bank of Singapore's Red/Purple team guidelines, Bank of England's CBEST and MITRE ATT&CK. Red /Purple Team/ Adversarial Attack Simulation exercises are developed in conformance with Guidelines for the Financial Industry by the Association of Banks in Singapore (ABS).

Scroll

NetSentries Adversarial Attack Simulation Exercise

NetSentries Adversarial Attack Simulation Exercise(NAASE) encapsulates the best practices of Bank of Singapore's Red/Purple team guidelines, Bank of England's CBEST and MITRE ATT&CK. Red /Purple Team/ Adversarial Attack Simulation exercises are developed in conformance with Guidelines for the Financial Industry by the Association of Banks in Singapore (ABS).

Do you know how your organization would respond to a multi-vector attack?

Have you tested your SOCs detection capabilities with an attack simulation?

NetSentries Adversarial Attack Simulation Exercise

The objectives of the NAASE framework are to assess and enhance the resilience of Financial Institutions against sophisticated attacks in order to efficiently allocate their resources to the unique threats they are facing. Scenarios are created for attack simulation by identifying the most likely adversaries and the attack vectors are combined to form a kill chain. The goal of these exercises is to assess the capability of a FINSERV to prevent, detect and respond to cyberattacks that may impact Critical Functions or business continuity.

191

days are taken by organizations an average to identify data breaches.

Our Approach

NAASE exercises simulate the full end-to-end cycle of a cybersecurity attack, replicating actions and procedures utilized by real-world adversaries with a high level of intent, sophistication, and capability. The remediation enablement modules of the service provide in-depth assistance to fix failed controls and improve the detection capabilities of the SOC.

OSINT & Dark Web Enumeration


During Open-source intelligence (OSINT) and Darkweb enumeration NetSentries will collect data about the target organization from publicly available sources to be used in an intelligence context for further phases. The collected datasets are risk scored and correlated with each other for identifying possible unknown threat vectors. The business risk scoring helps organizations to take necessary preventive proactive actions. 

Red Team Exercise


Red Team (RT) exercises are sanctioned, planned, risk-managed and objective-driven cybersecurity assessments that simulate highly sophisticated targeted attacks against an organization. The exercise includes external simulations like advanced spear-phishing, attacks against E-banking channels, advanced post-exploitation actions like persistency, lateral movement, data exfiltration, and password dumping. Internal simulations verify the effectiveness of logical and physical security controls related to People, Process and Technology like a determined insider attacker.

Purple Team Exercise


The Banks internal Blue team is a part of this exercise working along with the NetSentries Red team conducts objectives-based assessments that mimic known and quantifiable threat actors. The Blue team assesses the Techniques, Tactics, and Procedures, and build and configure their detection and response capability in-line with these known approaches.

Remediation Enablement


NetSentries provides assistance to fix failed security controls, provides advice on deploying compensating controls where an immediate fix is not possible and helps create a roadmap with prioritization to address high-risk gaps and continuously improve the overall security posture of the organization.

CSOC Enablement


The results from the adversarial simulation are used for strategic planning support for the remediation of failed incident detection. Advanced services like support for log baselining, events of interest definition, selective log forwarding recommendations, use case/correlation rule definitions, monitoring dashboard development, etc. are provided to improve the Detection and Response Posture.

Talk with an Expert


Related Services

Remote Access Infrastructure Security Assessment


With the ongoing challenges with operating from offices, businesses are taking actions to stay productive with several employees resorting to teleworking. NetSentries is equipped to help with quick assessments of the security posture of the organization’s Remote Access Infrastructure with sophisticated active and passive security testing and control validations to ensure peace of mind.

Security Architecture & Configuration Reviews


Security Architecture Review is a holistic assessment of your security layers across Network, Applications, People and Processes. It identifies gaps in your Architecture, Policies and Controls that might put your critical assets at risk from attackers.

OSINT Intelligence Gathering and Enumeration


To begin defending against Cyber attacks, it is important to understand the information that can be gathered about your organization from public sources and the dark web and open-source intelligence (OSINT) gathering does just that.

Latest from our Blogs

  • Technologies and Tricks Used in Cybercrimes


    Technological advancement is a transformative process. As modern technologies emerge, so do their side effects. One of the severe side effects of the digital age is the increased risk of cyberattac...

Contact Us

Please feel free to drop us an email from the form below and we will get back to you as soon as we can.

Our Headquarters

S14, VBC, 2nd Floor, Divyasree Chambers
Langford Town
Bangalore,India