Passive Analysis

How It Works


Targeted testing of your IT systems incorporating internal, external, application and network level attack methods



Professional Services

Your virtual team

Security Assurance Consultant

Security Analyst

Typical reconnaissance activity by hackers ahead of an attack


Passive Analysis delivers a bespoke report that discovers and distils the available information regarding your organisation sourced from within the public domain and dark web.


This is akin to a typical activity conducted by the hacking community as a reconnaissance exercise to find any exposed or soft targets that can be easily attacked.


An often illuminating report that shows where your organisation may have been exposed to and an unknown victim of a series of historical data breaches.


The report offers practical advices on the steps to take to eradicate these threats being used against you at any point in the future. We will highlight which users are compromised, their passwords and credentials and whether these accounts are still active and may be used on any of your openly accessible portals.


Beyond the user community the report also assesses the strength of your domains, web services and any third-party accounts you may use.

How attackers may historical breach data against you


Accessing both recent and historical breach data on the dark web and using your domain name as a key, they harvest all user account information for your company.


Then using LinkedIn as a cross-check to see which employees are still actively employed they remove the residual harvested data and focus on reverse-engineering passwords of the current users until they find “Betty” who works in Accounts Payable.


Now they have an active user with privileges and a decrypted password. A cursory investigation of the company’s network perimeter reveals an open portal that the recently gathered credential can now be used for nefarious ends.

Passive Analysis Report

While no two Passive Analysis reports are alike, typically the table of contents would include


    • Executive summary
    • Risk scenarios
    • Identified and exposed systems, staff and employees
    • Online presence, technologies and front-end systems analysis
    • Potential cost of breach
    • Historical attacks on your company 

To receive your free example report complete your details today

 
 
 
 
 

Addresses:

Registered Office

Zepko

2nd Floor

31 Chertsey Street

Guildford

Surrey

GU1 4HD

Security Operations Centre

Zepko

11th Floor Centre City Tower

5-7 Hill Street

Birmingham

B5 4UA