The Difference

Emerging Defense is NOT a traditional forensics or incident response company.

Hybrid Approach

We provide a hybrid skill set that combines both standard forensic incident response capabilities while maintaining an everyday core focus on cutting-edge penetration testing. This hybrid approach is our proprietary process model that combines breach investigation expertise and cutting-edge penetration testing techniques to deliver our marked Investigative Penetration Testing™ (IPT) service offering. This offering provides a revolutionary response to a data breach by identifying root causes in an accelerated fashion, saving minutes, hours, or days of potential forensic analysis and enabling a client to quickly secure their environment and reputation.

Abstracted View
Commonly, on-site incident response teams immediately lose their independent nature upon arrival, encompassed in politics and inaccurate documentation provided by the now-breached and failed IT administration. The traditional breach investigation process inherently loses the ability to abstractly identify breach vectors with an outside viewpoint because of their proximity within the network. Emerging Defense does not participate in the breach investigation process in this manner and therefore maintains an external, abstract (attacker) view of the breach environment.

Request a Call Today

  Investigative Penetration Testing ™

The Emerging Defense Investigative Penetration Testing™ (IPT) model can be executed prior to or during the incident response and forensic investigation to identify the potential cause of a breach and provide forensic direction.

Core Composition

IPT consists of the following core processes:

  • Profiling of the breached environment for suspect breach actors and modes of operation
    leveraging Emerging Defense threat intelligence
  • Identification of suspect breach paths via black box enumeration of the target in a fashion that mirrors the exact activity of a real attacker
  • Deployment of our penetration testing experts with the intent of rapidly identifying external or
    internal attack vectors
  • Execution of forensically sound penetration testing to quickly prioritize exposures through the identification of vulnerable components for cursory forensic analysis, readily exploiteable components for comprehensive forensic analysis, and probable post-compromise activities for threat monitoring
  • Soundly assess targets without destroying evidence or increasing exposure to the organization
  • Delivery of a comprehensive breach analysis report 
  • Delivery of asset data points for expedited forensic analysis of high value or susceptible targets identified by the IPT team
View Our Detailed Methodology

Forensics 2.0

Fighting Fire with Fire

Augmentation

Emerging Defense can augment an on-the-ground forensic team by providing a flip side viewpoint only acquired through years of experience in penetration testing across a plethora of environments. In-house and external forensic teams can take precious days or months to complete an investigation starting from ground zero with little initial direction as to the potential source and/or scale of the breach.

Expedition

Our Investigative Penetration Testing™ (IPT) service expedites initial forensic analysis and triage through the accelerated identification and elimination of breach targets using a single “What would we do?” approach.

Application

As penetration testers, we see many different enterprise environments, research them, break them down, and find a way in. This is the very same mind-set used by an attacker targeting an enterprise. Emerging Defense recommends fighting fire with fire to triage a breach alongside IPT-guided forensics to quickly identify the threat, secure the environment, and save valuable business image and reputation without delay.

  Unique Qualifications

Emerging Defense possesses deep technical, operational, and management experience in performing incident response breach investigation for some of the most prolific attacks against United States public organizations. This experience coupled with a everyday-priority penetration testing focus is what drives the success of our  forensic and incident response service, Investigative Penetration Testing™ (IPT).

Real Breach Experience

Our forensic investigation experience stems from assisting with high-profile breach investigations in the retail, the financial, and the health care industries.

Our practitioners have firsthand participated in forensic breach investigations:
  • Performing stadard forensic examinations of compromised production systems or devices
  • Actively defending organizations through the identification and monitoring of live breach actors entrenched in an organization
  • Developing security operations center (SOC) capabilities to detect historical breach data and prevent reoccurrences
  • Deploying network and host breach signatures derived from forensic data, Emerging Defense threat intelligence, and penetration testing experience
View Service Offering Details >
  

Our Value

latest tweets @EmergingDefense

2 days ago Shadowbrokers released passphrase to decrypt equation group files https://github.com/x0rz/EQGRP


5 days ago Solaris rpc.cmsd remote root exploit (TAO's EASYSTREET) #0day #zeroday http://bit.ly/2ojN1x1


9 days ago This particular feature is also done within Office VBA and no external WMI, PowerShell, or Win32 API calls. http://bit.ly/2oNGxHB

Follow Us >

newsletter signup

Sign up for our newsletter