The ADR (Adaptive Defence Review) improves on traditional Red Team engagements and delivers greater value and cyber security benefits. We use an open and collaborative process designed to address all stages in the Cyber Killchain.

The ADR uncovers areas where cyber defences can be fortified before an encounter with a real adversary. Instead of pretending to be attackers, we work with the client to measure how effective controls such as monitoring, segmentation and end-point protection really are. The necessary tactics, techniques, and procedures (TTPs) to bypass these controls are documented, which helps figure out the required skill level for a real adversary to compromise the organisation.

• Visibility of weak controls throughout your IT environment
• More security controls tested for lower cost
• Repeatable without the red team relying on luck
• Benchmark and find gaps in your cyber security monitoring

Pulse Security will simulate tactics and techniques used by real-world adversaries throughout your IT environment. The internationally respected MITRE ATT&CK® framework is used, along with an understanding of your specific IT environment to guide the attacker simulation and test the effectiveness of a broad range of security controls.

As part of an ADR review, Pulse Security assesses:

• External attack surfaces including network services, applications, cloud services, VPNs, etc.

• Endpoint security and resilience to malware delivered through mechanisms such as phishing. This includes commodity malware, obfuscated malware, and bespoke malware to determine tooling sophistication required by an attacker to circumvent endpoint security.

• Persistence mechanisms and privilege escalation.

• Internal discovery and lateral movement used by real attackers to gain further access to an organisation’s environment.

• Data collection, exfiltration, and actions-on-objectives an attacker may use to achieve their end goals

• Detection and prevention throughout each of the above and the remainder of the ATT&CK Matrix.

• Additional bespoke testing based on each client’s specific environment and threats.

Deliverable

An Adaptive Defence Review will deliver the following:

• An overview of the security posture of the organisation.
• Missing or weak security controls and technical exploitation information.
• Success, failure and detection of attacker tactics, techniques, and procedures (TTPs).
• An actionable set of both technical and non-technical recommendations for improving the organisation’s security posture.