Vulnerability Assessment

A vulnerability Assessment uses a variety of tools to generate a report identifying software and services posing a risk to your organisations integrity. This is an essential task in maintaining a minimum security standard. The report can then be used as an action list by your internal IT team to ensure patch fulfilment.

The Armoured Core Vulnerability Assessment service performs an in depth analysis of your internal and external infrastructure on a periodic basis as agreed. The resulting assessment generates a vulnerability report/task list which we can then integrate automatically into your existing support teams ticketing system to help drive your internal patching process in a measurable fashion.

Penetration testing

A penetration test is a pre-agreed cyberattack simulation performed on your internal or external systems. Using state-of-the-art tools and techniques to simulate the possible scenarios an adversary could use to steal intellectual property, personal data, funds and other assets critical to your business continuity.

Armoured Core consults closely with its customers to provide a tailored penetration testing service. The criteria for the penetration test, time frames, scope, targets etc. are pre-agreed and clearly defined with our customers during a consultation period. An example penetration test may start by Armoured Core using social engineering to gain a persistent foothold into your organisations systems. From there the assessment will continue to test what other internal systems can be exploited and what data is vulnerable to theft/destruction.

Simulated Breach

According to the Cyber Security Breaches Survey 2019 32% of UK businesses identified an attack or breach in the previous twelve months. Not only are these attacks expensive regardless of whether the ransom is paid or not they are also highly destructive and with the new trend of ransomware actors threatening to leak the pilfered data to the public domain, leaving an organisation open to hefty fines and litigation from third parties. These factors combined are enough in the past the put an organisation temporarily or permanently out of business.

We are expert in traditional/file-less malware and ransomware. Having developed our own in house software to simulate such attacks, coordinated remotely using our state-of-the-art cloud based command & control service we can effectively test your companies employees and process fitness in an emergency scenario. Consider this a security 'fire drill'. How an organisation reacts in the precious moments after an attack can make a big difference to the outcome. Armoured Core work closely with our customers following a simulated breach to help understand the companies requirements in terms of disaster recovery and emergency response helping organisation implement solid risk strategy to mitigate these factors.

Red Team Engagement

Unlike the penetration test whose goal is to weed out as many vulnerabilities as possible A red team engagement is a stealthy attack simulation typically with a single specific agreed target/goal often requiring a physical bypass of perimeter security to gain access to the digital aspect.

As well as the tools and techniques used in a vulnerability assessment or penetration test Armoured Core use a wide variety techniques to fulfil a red team engagement including social engineering, physical security bypass. This is the next level up and a specialised service usually performed after successful vulnerability assessments and penetration tests.

Threat Modelling

Working closely with its customers in a consultation capacity Armoured Core identifies threats to your company such as what are your most likely targets and high value assets are, identifying an effective and secure topology layout to reduce exposure.

Armoured core uses proven industry standard modelling tools to perform real world threat modelling. The resulting Threat model is a crucial tool in the development of an effective risk management strategy and well planned infrastructure.

Security Awareness Training

Our tailored training packages are designed to raise user awareness regarding threats that exploit the human condition (social engineering) Not all attacks are technical in nature many technological attacks are initiated by exploiting the many facets of human nature. Social engineering attacks often focus on coaxing an employee to click a link, open a door or diverge information they otherwise shouldn't.

Our tailored training packages will equip your employees to be mindful of the tools and techniques commonly used to exploit human nature during social engineering our training packages are tailored specifically to each individual customers requirements and can be delivered in a classroom session or online via our training portal. Our training packages contain information specifically relevant to all levels from CEO to the end user encompassing all departments from IT, accounting, warehousing etc.