.jpg.transform/md/image.jpg)
We will get back to you as soon as possible. Meanwhile, check out Our Thinking page for more cyber security insights.
Check out more cyber security insights
The effectiveness of your detection capability is measured by how fast it triggers a suitable response. This is only ever the result of understanding the types of threats that exist, which are most likely to affect your organization, and what indicators to look for.
- Assess real risk Holistically assess the effectiveness of your controls against the attackers likely to target your business.
- Upskill your team Learn from offensively-trained consultants with experience of the attacks you’re defending against.
- Verify performance vs cost Gather and interpret data to support future spending decisions and retire ineffective tooling.
- Benchmark capability Understand how your approach compares to competitors’ and identify ways to close the gap.
Our approach
Capabilities
Services & solutions
Maintaining an effective detection and response capability is challenging and costly. It requires up-to-date knowledge of the threat landscape, correctly tuned technology and controls, a team of capable analysts, and the policies to prompt a response if needed. This explains why so few attacks are swiftly detected after initial compromise.
Our detection consultancy focuses on raising your overall security posture and building operational resilience through close partnership. We help you understand your capability holistically, in terms of how your critical assets would be targeted by attackers, then develop solutions that can be tested through adversarial simulation and tabletop response exercises. We provide insights and recommendations with tangible business outcomes, whether that’s decreasing the time your team spends investigating false positives or closing the gap between yours and your competitors’ capability to withstand APT-level attacks.
Our attack simulation platform can simulate over a hundred modern attack techniques across the cyber kill-chain and track regression over time. This technological capability is augmented by our offensively trained consultants who work with your team and test controls in a realistic but safe manner. Our consultants hold certifications from CHECK, CREST, ISC2, SANS, and OSCP, and actively deploy this certified knowledge when developing your security analysts.
Our detection consultancy is bespoke, scoped to deliver the specific outcomes required by your organization. Within this, some specific services and solutions can be applied, including:
Attack Detection capability assessment (ADCA)
ADCAs are our interpretation of the traditional purple team exercise. Rather than measuring the performance of competing offensive (red) and defensive (blue) teams, these teams work together towards a common goal. Collaboratively, we assess defense in-depth across the lifecycle of an attack, highlighting areas for improvement and/or investment across people, process, and technology.
AttackSim
AttackSim is our proprietary attack simulation tooling, first developed by consultants for consultants. Now, it is deployed in engagements to simulate the attackers targeting clients’ businesses and measure their ability to detect the TTPs they would use. With the ongoing support from consultants, AttackSim can be used point-in-time or deployed continuously, as part of an ongoing security program, to track how changes in your environment influence your detection capability.
Speak to the team
Detection that defends your organization from a range of attackers is a necessary challenge. We can help.
Related resources
How we can help
One of the biggest mistakes organizations make with their detection capability is relying on tooling alone. Monitoring is part of the solution, but it has to be supplemented with the knowledge of dedicated specialists, continuous data analysis by a skilled SOC, and regular tuning of your technology. Detection must be seen in the context of your broader security posture if it's to work. This is where we come in.
- Threat intelligence Data gathered first-hand when battling attackers—from opportunists to APTs—is used to inform our understanding of who is trying to compromise your organization, what their motives are, and how they will attempt to reach actions on objectives.
- Offensive and defensive specialisms Our consultants think like attackers without losing touch with your complex and hard-to-balance organizational needs. And our detection consultancy brings the two together, helping you tackle real business problems with a threat-centric mindset.
- Technology + manpower Just as your detection capability uses the power of tooling and the specialist skills of analysts, the two are essential to our approach. Consultants provide experience, context, and training, whilst our technology delivers high-quality telemetry, continuously, at scale.
Accreditations & Certificates
F-Secure Consulting (F-Secure Cyber Security (Pty) Ltd) is a level 4 contributor to B-BBEE with a procurement recognition level of 100%. Learn more and download our B-BBEE certificate. Click here to read the press release.
