Internal Architecture & Service review headline goes here
An organisations environment is only as secure as its weakest link, ensuring that the services and configurations within your architecture meet or exceed your security requirements can save you both time and money.
Our team will work with you to perform a review of your architecture, services, and configurations.
We will provide recommendations on how you can improve the overall security posture of your implementation.
Service review report
We will document all findings & recommendations in a Security Architecture & Service Review report for your review.
STRATEGICALLY ADDRESSING GAPS IN DEFENSIVE CAPABILITIES
This allowed the business to strategically address gaps in their defensive capabilities through configuration changes on existing products. The framework also allowed the business to strategically invest in product to fill identified gaps in defensive capabilities while avoiding product overlap to net a better return on investment.
SUCCESSFUL MONITORING AND MITIGATION OF TTPs
The MITRE ATT&CK framework was utilised to allow the business to align their technical mitigation and monitoring capabilities with real life tactics, techniques and procedures used by threat actors. This process allows organisations to identify gaps in these capabilities as well as processes or technologies that could be utilised to both monitor and mitigate a broad range of TTPs.
Our Unique Process We Developed Over 10 years.
Alchemy Security Consulting Pty Ltd provides a broad range of security assessment services to assist our customers in identifying vulnerabilities and maturing their defensive capabilities.
The scope will define the objectives, constraints, scheduling and reporting requirements for the assessment.
We will execute the assessment in line with the agreed scope.
All findings will be documented in a risk prioritised report detailing all findings and recommended actions.
A retest of key findings is performed to validate that remediation actions by the customer have successfully mitigated identified vulnerabilities without introducing further vulnerabilities or risks.
List all the benefits
Frequently Asked Questions
What is an incident response playbook?
What is the MITRE ATT&CK framework?
Can you help review and mature our existing hardening guides and process?
It’s free to chat
The Windows Name Resolution Flow You may be under the impression that turning host names into IP addresses is simple. You check: The Hosts file; then Your system’s DNS (Domain Name System) resolver That’s it right? If you don’t get a response from your local file or DNS, then the system doesn’t exist. Well, no; the name resolution flow in Windows looks something like this: Well, that’s a […]Read More
Red teaming is not a new concept within the cyber security community. However in Australia, Red Teaming is a relatively new term for most organisations. In this blog post we'll take a dive into: What differentiates a Red Team engagement from a Penetration Test. Why you shouldn't consider a red team engagement (You totally should.) […]Read More
When adding a “Password Reset” function to your application it is especially important to ensure this has the same security considerations as any other critical function within the application. Due to the nature of resetting a user’s password, along with many security considerations being overlooked, it is not uncommon for attackers to spend extra time […]Read More