Contact person
Karl Resare
Affärsutvecklare
Contact Karl
Customised penetration tests for critical infrastructure
For companies managing critical infrastructure, we offer a customised, network-based penetration test based on an assumed breach scenario.
Syfte
An assumed breach scenario assumes that an attacker already has access to a device on your network, enabling a cost-effective and in-depth analysis of how well your defences resist further intrusion and lateral movement within your network. This analysis provides a key basis for effective remediation and a credible assessment of risk. With the growing realisation that strong digital border protection is not enough, this approach has also become increasingly common. It is responsible and realistic to assume that at some point an attacker will get past border protection, or that the organisation will be hit by an insider.
Target audience
Organisations that manage critical infrastructure, such as energy supply, water treatment, transport, and healthcare, face unique cybersecurity challenges. For these organisations, the consequences of a security incident are not only financial, but can also pose serious risks to societal functions and human lives. Working with RISE, an independent and state-owned provider with extensive experience and accreditation, ensures the highest possible objectivity, quality and safety in implementation - which is crucial for our societal functions.
Method
Adopting an 'assumed breach' scenario is an effective and valuable approach in cybersecurity because it assumes that an attacker is already inside the network. This differs from traditional internal vulnerability scanning, which primarily focuses on identifying and correcting potential vulnerabilities before an attacker can exploit them. "The 'assumed breach' approach prepares organisations for the reality of today's cyber threat landscape where advanced attackers often manage to bypass perimeter defences. This approach highlights the importance of detection and response capabilities, defence-in-depth within the network, and previously unknown vulnerabilities, all of which contribute to a more resilient security posture.
By simulating attacks that have already overcome initial defences, organisations can assess how well their internal controls work to identify and stop attackers from spreading and gaining access to sensitive resources. It also enables testing of how effectively the incident response team can identify and respond to incidents in real time, as well as how well security systems can detect and counter advanced threats.
Our tests are planned and carried out in close dialogue with the client, to ensure the greatest possible value and relevance of the result. Content, scope and boundaries are carefully defined and we always recommend the methodology that we believe best meets the needs and conditions of the organisation.
Delivery of test results
Test results in the form of a report including identified vulnerabilities, their severity and recommendations for remediation.
More information
Contact us for an initial dialogue on how we can contribute to your and Sweden's security.
FAQ
FAQ
Are the tests on-site or remote?
Primarily remote, but depending on the circumstances we can also carry out work on-site.
How is this different from automated vulnerability scanning?
We see this as complementary and focus mainly on the things that automated tools do not find. This could be testing very specialised software or detecting vulnerabilities that require a bit more deep dive and manual testing.
How are the results delivered?
Primarily through a final report presenting the results together with proposals for action or changes, but also through regular meetings and contacts to discuss the findings as the work progresses.
