Computer, Network and Information Security Consulting Services
› return to original page


Attack Simulation

Intrusion Detection Systems (IDS) do not ensure safety. More than 60% of enterprises deployed IDS last year, but more than 40% of those suffered network intrusions. The average cost for each intrusion was over $800,000. IDS's and response personnel must be continuously tested. Polar Cove's IDS testing service provides the assurance that each client's IDS and intrusion response works.

Polar Cove coordinates a safe attack simulation program with top management so that operational staff can experience the unexpected simulations. Following the event, simulation attack signatures, sources, and methods are revealed and compared to the established alerting and responding mechanisms. A client's entire IDS are tested by this program. Staff alertness is enhanced. Specific responses and targeted training is developed.

Attack simulation by Polar Cove keeps response personnel on their toes, tests them, and tests the IDS equipment as well. Periodic testing of the entire IDS system is the only way to be assured that it works.

Attack Simulation Includes:

  • Attack simulations and timing coordinated with upper level management.

  • Attack profiling. The attack simulations will fit the profile of particular threats to the organization, from particular sources.

  • Attack source simulation. Attacks are configured to appear to come from specific locations: overseas, competitors, the internal network, and others.

At the conclusion of each simulation, Polar Cove provides detailed evaluations of the client's current detection and response effectiveness and recommends specific steps for remediation.

Attack Simulation Areas:

  • Common Attack Simulation - The test attack will simulate the behavior and techniques of low skill set intruders or "script kiddies". Such attacks represent the majority of intruder activity on the internet.

  • Skilled Attack Simulation - Simulation includes skill sets involving high level database knowledge, application vulnerabilities, advanced networking skills, and high end exploitation tools.

  • Customer / Partner Attack Simulation - Simulates a customer or partner attacks into privileged access areas. Tests the ability of the IDS system to detect and respond to security risks associated with partner and customer deep access.

  • Insider Attack Simulation - Simulates the threat from skilled insiders with access from the internal network, and with knowledge. Helps test and establish detection and response methods meant to contain sources of damage from within the corporate infrastructure.

 

 


© 2006     Polar Cove