Inceptus

Managed HUNT

Continuous Threat Hunting

With the ever-changing threat landscape and the evolution of malware, cyber-attacks are an increasingly serious risk for organizations. Many companies seem to believe that their organization won’t be targeted. They might say that their organization is too small to be on an attacker’s radar, or that they don’t have anything worth attacking, but the truth is that cyber criminals are indiscriminate in their attacks and can almost always find something worth stealing. A lot of companies that say they won’t be targeted may have already been breached – they just don’t know it yet.

And as the Ponemon 2017 Cost of a Data Breach Study shows, the longer it takes to detect a breach, the more expensive it will be. The study found that US companies took an average of 206 days to detect a data breach. This is a slight increase on the previous year (201 days). Ponemon suggests all organizations should aim to identify a breach within 100 days. The average cost of identifying a breach within this time was $5.99 million, but for breaches that took longer to identify, the average cost rose to $8.70 million. There is a similar correlation in terms of containing a breach. Breaches that took less than 30 days to contain had an average cost of $5.87 million, but this rose to $8.83 million for breaches that took longer to contain.

At Inceptus we think 100 days is too long, so we designed a service to rapidly detect these intrusions to contain the attack.

Are Your Security Controls Working?

Inceptus’ Managed HUNT service evaluates an organization’s enterprise for the presence of advanced attacks, stealthy malware and persistent threats that may have successfully bypassed existing defenses. This is accomplished by attempting to discover Indicators of Attack (IoA) and Indicators of Compromise (IoC) left after an attack has been perpetrated. Managed HUNT combines automated data collection and proactive analysis by highly skilled analysts to bring the most advanced forensic detection and alerting. We make it easy for organizations to rapidly deploy our services with minimal effort and no on-site equipment. We simply deploy our lightweight “run and done” client on your endpoints, collect relevant information from the system, encrypt the data and send it to our cloud-based analytics system for analysis.

What Do We Look At?

File System Attributes

Windows PE Attributes

Operating System Artifacts

Standard System Information

Volatile Data

DNS Cache

What Do We Look For?

New and Re-Configured Services

Run Keys

Persistence Areas

Threat Actor Tools, Techniques and Procedures (TTPs)

Hacker Trade-craft

Lateral Movement

We Found Something! Now What?

Inceptus will notify you immediately of the intrusion and give details as to the nature of the discovery. This will provide you with the detail that is needed to decide on the best course of action. Inceptus can also be engaged to conduct a multi-phase process beginning with incident triage and provide you with an action plan for execution. You can decide, based on the action plan, how to utilize Inceptus’ expertise for further analysis. During this time, Inceptus will conduct a number of cyber incident response activities which may include digital forensics, malicious code analysis, log reviews, system access level analysis, timeline analysis, recovery of exfiltrated data, persistence, entrenchment, lateral movement techniques, tools the attackers used (including system administrator tools, remote desktop, PsExec, net command, etc.), host and network indicators of compromise, existing monitoring capabilities, other traditional and non-traditional incident response and investigative tasks. Deliverables will include status reports, which may include a comprehensive list of indicators of compromise, identified risk factors and recommendations, analysis reports, management, and other deliverables as necessary.

Copyright © 2021 Inceptus, LLC. - All Rights Reserved.
