Immunity offers unique, aggressive, out of the box solutions to the
security industry's most difficult problems.
Has a full scope penetration test ever failed to compromise your network? When was the last time your red team did not succeed? The reality is that given sufficient time and resources a skilled attack team will always find a way into your infrastructure. This is why the cutting edge of network defense is shifting to an incident response model that revolves around an assumption of compromise. You know you will get compromised, now what?
Immunity provides Immunity Adversary Simulation that allows you to model an advanced persistent threat from inside your infrastructure and evaluate how your security team will react to a real world offensive team that is active on your network and attempting to exfiltrate large amounts of data.
Adversary simulation is the next step in threat assessment and incident response preparedness. Recent history has shown that the modern enterprise has to maintain a security posture that operates under the assumption of compromise. You will get compromised at some point in time and acknowledging this fact helps you prepare for the next level of incident response: dealing with an active and potentially advanced attacker inside of your infrastructure.
Immunity deploys INNUENDO-based implants on designated systems. These implants, managed by the Immunity Adversary Simulation (IAS) team, operate at nation-state grade levels of sophistication, and communicate with their C2 servers using INNUENDO’s flexible channel-stack technology. Examples of channels include DNS, ICMP, IMAP, SMTP, HTTP, and FTP, as well as customized data exfiltration channels tailored to your specific network conditions (e.g. externally facing corporate Wiki sites and in-house corporate messaging solutions). The Immunity Adversary Simulation team will set out to achieve a series of adversarial goals using this INNUENDO-based shadow-infrastructure. Examples include large volume data exfiltration, lateral network movement and privilege escalation attacks. By doing this the IAS team generates real world indicators of compromise which are then used to prime your incident response team on how to recognize, interrupt, and prevent large volume data leaks out of your network.
To learn more about how Immunity’s Adversary Simulation can help improve your network security posture and incident response, please contact us at imu.sales@appgatedotcom or give us a call at +1-866-524-4782.