Compromise Assessment

Compromise Assessment helps organisations adopt a more proactive approach to cybersecurity. Instead of dealing with vulnerabilities after they have taken effect, Compromise Assessment aims to discover these vulnerabilities early to prevent a breach.

Most organisations already have a portfolio of cybersecurity solutions in place (Vulnerability Management, Pen Testing, SIEM, Anti-Virus). Compromise Assessment is 100% complimentary to such solutions and aims to provide a detailed map of your infrastructure so you can make more informed decisions on how to best leverage these solutions.

Traditionally, Compromise Assessment is a very labour intensive process that requires resources onsite. Between manually gathering the windows log data for analysis and drafting up the final assessment report, the entire process can take anywhere between 10-12 weeks to complete. Traditional Compromise Assessment is also charged on an hourly basis.

We can perform Compromise Assessment services remotely for their clients in a matter of days and can also produce results the same day depending on the assessment scope size. We can also reduce associated costs for a compromise assessment by up to 70%.



Compromise Assessment Use Cases


Breach & Compromise Detection

If you think you may have a breach or want to verify if your network and organisation is clean then having a review will highlight current and past breaches and also identify weaknesses in your cyber posture. A compromise assessment will find current and past compromises and highlight areas that a traditional penetration test simply will not.


Cyber Posture Evaluation

We will provide an in-depth evaluation of your current cyber posture while highlighting any previously undetected vulnerabilities on your network. We can determine whether a breach has occurred and what gaps need to be addressed to prevent one in future.


Regulatory Compliance Measures

The costs of an undisclosed data breach can be very damaging from both a financial and reputational point of view. We can help highlight organisations’ compliance with regulatory requirements.


Third Party Risk Evaluation

Trust is a key factor in any business relationship. Our Compromise Assessment will provide due diligence when dealing with partners by instilling confidence that they are not exposed to any unnecessary threats or vulnerabilities.


Cyber Insurance

Our compromise assessment is very useful for insurance brokers who wish to provide cyber insurance policies to their customers. Offering such policies can be very risky as often the likelihood of the customer becoming victim to a cyber attack is unknown. A Compromise Assessment will highlight the likelihood of this occurrence allowing underwriters to make an informed decision on whether or not they should offer a cyber insurance policy to their potential client.


Mergers & Acquisitions

Before signing off on a Merger/Acquisition, a Compromise Assessment can be completed to ensure the acquired company does not pose any unnecessary cyber risks to the purchasing company.

Talk to us, before you need us

If you would like to discuss your requirements and would like to hear more about how we can save you 70% in time, resources and costs on your Compromise Assessment.

The Benefits of Compromise Assessments

It’s not a question of if your organisation will be breached. It’s a question of when.

Most attackers remain active in your environment for 150+ days before being detected. Only a small percentage of organisations discover the presence of attackers themselves, normally it is brought to the organisation’s attention from a third-party security team. Having an attacker in the organisation for long lengths of time could do a great deal of damage.

A compromise assessment answers the all-important question: Have you been breached?

6 Key Business Benefits of Compromise Assessment

Detection of Vulnerabilities & Indicators of Compromise

Assessment of Network and inventory of connected user accounts to identify potential vulnerabilities or existing breaches.

Risk Assessment

Help a company understands its appetite for risk by identifying network weak points and security gaps, and the risks associated with them. Only when companies fully understand their network, the risks that threaten it, and how these risks are addresses within their cyber strategy, can they determine where to direct the processing power of existing cyber solutions.

Effective Management of Infrastructure

Identify and action previously undetected vulnerabilities quickly – areas such as potentially dangerous software, violation of duties by admin teams, vulnerable service accounts, evidence of lateral movement, devices running out of support versions of WIndows OS.

Asset Discovery

Asset Discovery is the process of identifying and gathering details on the physical devices connecting to your network. These devices will range from hardware devices such as Servers, PC’s and Laptops to Switches and Tablets. Building a detailed topology of your network is an important exercise to collect as it allows Network Administrators to make better decisions regarding Cyber Security

Verifiable Cyber Baseline

Compromise Assessment is a comprehensive report delivering an accurate understanding of the current state of the network that can be used as a roadmap to improve overall cyber security.

Peace of Mind

A compromise assessment can be used to demonstrate to senior management, clients and investors that a company has a proactive validation approach to cybersecurity and that its infrastructure is regularly assessed for signs of vulnerability and compromise.

Our Process

The 5 steps below are broad categories and can generally be applied to multiple infrastructure assessment types, regardless of whether it is internal, external or some other combination.

Log Data Collected

Log Data is collected from Endpoints, Network & Applications which includes Windows event logs, Registry Keys, WMI Queries and Commands. We are able to gather all this information from a single agent.

Encrypted & Uploaded

All data gathered from the end-user network is double encrypted; once before it leaves the individual device and again when the data is collated for upload.
Asymmetric encryption is used and involves two encryption keys being issued:

  •  One at the end-user site to encrypt
  • One within the platform to decrypt

Data Parsed into Structured Format

Uploaded data is parsed and transformed into a structured format, ready for the platform to be able to run analysis.

Data Analysis

Data is analysed against our proprietary database of cyber threat models.

Report & Findings

The final Compromise Assessment report can be downloaded in multiple formats and mapped to industry standards such as ISO 27001 & Cyber Essentials.

We are able to deliver a Compromise Assessment within 48 hours.

We are able to deliver a Compromise Assessment within 48 hours.


If you have any further questions about our compromise assessment service that are not answered below please feel free to call us on 0333 311 0121 or book a meeting with one of our cyber security experts
What is a Compromise Assessment?
A Compromise Assessment is an objective survey of a network and its’ endpoints to discover unknown vulnerabilities, security breaches, malware, and signs of unauthorized access or indicators of compromise. More specifically, the assessment seeks to find attackers who are currently in the environment or that have been active in the recent past.
What information do we collect from the organisation?
Our Collector does not collect personally identifiable information (PII), only the following data: • Windows event logs • Registry keys • WMI queries • Commands
Penetration testing and Compromise Assessments
Penetration testing and Compromise Assessments are both equally important and serve different purposes and we would always recommend that both assessment services are performed. We would strongly recommend that a compromise assessment is completed prior to a penetration test to ensure that none of the attack techqniues and scanning is detected and shows up in the compromise assessment report.
How often should a compromise assessment be performed?
Typically, it should be performed at least once a year. Additionally, you may wish to perform a compromise if you have a valid reason. Reasons could be if a threat actor is selling network access to your network, a tip-off from an external entity or you suspect that you may have been breached?
Mergers & Acquisitions Risk Assessment
Mergers and acquisitions (M&As) can massively expand a business’s reach and income, but they could also put it in a precarious position if the target company is not on stable footing. Your business may inherit a threat that your target didn’t even know was present in its systems.
Why Conduct a Remote Compromise Assessment Before a Merger or Acquisition?
Check for Breaches

Even if a business appears to have robust defences, some attacks may have sneaked through undetected. Regardless of the target’s apparent comprehensiveness, a Remote Compromise Assessment should be conducted to verify that the systems are secure. Acquiring or merging with a business with a weak cybersecurity posture can jeopardize the infrastructure of the newly established entity.

Confirm the Value

A business’s network and data are essential elements of its overall value proposition. Without having a strong idea of your target’s cyber hygiene, you cannot accurately assess its worth. This is especially true in industries that rely heavily on private information of consumers and/or intellectual property. If accessed data has been acquired by cybercriminals, the target’s value may be significantly lower than it appears at first blush.
How long is a compromise assessment valid?
The assessment is a snapshot in time, hence is only valid for the time the assessment is occurring. It does not provide any evaluation of your controls nor assurance that you will not be compromised in the future.

Contact us for more information

Please fill out the form below or call us directly on +44 (0) 333 311 0121.