|
Intrusion Detection Systems (IDS)
do not ensure safety. More than 60% of enterprises deployed IDS
last year, but more than 40% of those suffered network intrusions.
The average cost for each intrusion was over $800,000. Intrusion
Detection Systems and response personnel must be continuously tested.
Polar Cove's IDS testing service provides the assurance that each
client's Intrusion Detection Systems and intrusion response works.
Polar Cove coordinates a safe attack
simulation program with top management so that operational staff
can experience the unexpected simulations. Following the event,
simulation attack signatures, sources, and methods are revealed
and compared to the established alerting and responding mechanisms.
A client's entire Intrusion Detection Systems are tested by this
program. Staff alertness is enhanced. Specific responses and targeted
training is developed.
Attack simulation by Polar Cove
keeps response personnel on their toes, tests them, and tests the
Intrusion Detection Systems equipment as well. Periodic testing
of the entire IDS system is the only way to be assured that it works.
Attack Simulation Includes:
-
Attack simulations
and timing coordinated with upper level management.
-
Attack profiling.
The attack simulations will fit the profile of particular
threats to the organization, from particular sources.
-
Attack source simulation.
Attacks are configured to appear to come from specific locations:
overseas, competitors, the internal network, and others.
At the conclusion of each simulation,
Polar Cove provides detailed evaluations of the client's current
detection and response effectiveness and recommends specific steps
for remediation.
Attack Simulation Areas:
-
Common Attack Simulation
- The test attack will simulate the behavior and techniques
of low skill set intruders or "script kiddies". Such
attacks represent the majority of intruder activity on the internet.
-
Skilled Attack Simulation
- Simulation includes skill sets involving high level database
knowledge, application vulnerabilities, advanced networking
skills, and high end exploitation tools.
-
Customer / Partner Attack Simulation
- Simulates a customer or partner
attacks into privileged access areas. Tests the ability of the
Intrusion Detection Systems system to detect and respond to
security risks associated with partner and customer deep access.
-
Insider Attack Simulation
- Simulates the threat from skilled insiders with access from
the internal network, and with knowledge. Helps test and establish
detection and response methods meant to contain sources of damage
from within the corporate infrastructure.
Download
this text as PDF
[ Back to Top ] |
|
| You
Should Know... |
| You
will not know what to do inthe event of an intrusion if the
necessary procedures, roles, and responsibilities have not
been defined and exercised in advance.
The absence of systematic and well-defined procedures can
lead to • extensive damage
to data, systems, and networks due to not taking timely
action to contain an intrusion. This can result in increased
costs, loss of productivity, and loss of business.
• the possibility of an intrusion affecting multiple
systems both inside and outside your organization because
staff did not know who else to notify and what additional
actions to take
• negative exposure in the news media that can damage
your organization's stature and reputation with your shareholders,
your customers, and the community at large
• possible legal liability and prosecution for failure
to exercise an adequate standard of due care when your systems
are inadvertently or intentionally used to attack others
Source: Carnegie Mellon
Software Engineering Institute; CERT Coordination Center
more
» |
| Contact
us |
For any questions
you may have, contact us at 
1-401-454-3939.
Our Polar Cove representative will answer and assist you with
your specific needs. |
|
