offensive service image

Offensive Services

Mimic real-world cyber threats using state of the art Banshie technology and expertise
offensive service image

What is Red Teaming?

Our skilled offensive specialists engage in a safe and controlled testing of your security systems, identifying and exploiting potential weaknesses.

Red Teaming distinguishes itself from traditional penetration tests by employing advanced, non-standard tools and techniques on top of traditional tooling.

Technical flaws are secondary to understanding how a threat was able to impact your organization, this knowledge prevents real exploits.

banshie assume breach

For further deliverables, please see our service description

Why you need it

Test your organizations detection capabilities and resilience against modern advanced attackers.
Red Teaming is the gold standard of offensive security, encompassing people, processes, and technology.
A focus is put on training your Blue Team (defence) against future hacks with dedicated workshop sessions.

For further deliverables, please see our service description

How it works

red team icons (2)

Real attack techniques

We use techniques and tools employed by real attackers to highlight vulnerabilities and existing strengths.
red team icons (3)

Red Teaming Methods

Phishing, simulated malware payloads, and social engineering are a few examples of Red Teaming exercises.

red team icons (1)

Thorough Exploration

Performed over a non-restrictive timeframe, we are able to comprehensively probe your network and people.

For further deliverables, please see our service description

What is Assume Breach?

As the name suggests, Assume Breach presumes our team has made it past your perimeter defenses.

An Assume Breach is designed to evaluate your current security posture for when your external perimeter has been breached.

The result can then be used to strengthen your infrastructure configuration or to tune your detection capabilities and assist you in creating a future roadmap that will have the greatest impact.

assume breach banshie 2

For further deliverables, please see our service description

Why you need it

The most important part of your defence is breach response, that is what defines the level of damage done.
Assume Breach recommendations help you detect and respond to attacks before irreversible harm is done.
A focus is put on training your Blue Team (defence) in how to respond to future attacks.

For further deliverables, please see our service description

How it works

assume breach steps (2)
assume breach steps (3)
assume breach steps (4)
assume breach steps (5)
assume breach steps (1)
Based on the assumed breach mentality we will simulate a real attacker, using real tools and techniques.
By demonstrating exploitable vulnerabilities and defensive strengths, we gain a clear overview of which areas need to improve.
At the end of the simulation, Banshie will provide a full description and thought process behind the attack, as well as clear and actionable recommendations.

In addition to this, the company will receive a full overview of the actions performed by Banshie, which can be mapped to the MITRE ATT&CK framework.

These mappings can be used as part of the MITRE ATT&CK Service or internally to map out and document areas of improvement against future threats.

For further deliverables, please see our service description

What is Attack Path Mapping?

Threat actors continuously seek to breach corporate IT systems. Effectively defending against the unknown and unseen is challenging. However, we have tools that help. Monitoring internal attack surfaces is an invaluable tool in ensuring you’re always ahead of the attackers.

Attack Path Mapping identifies weaknesses and “negative business events” that could disrupt or compromise the client’s business. The test involves anything from data theft or destruction, ransomware deployments to long-term persistent access to the estate, and is designed and executed in collaboration with the client.

By focusing on key objectives rather than technological auditing, we’re able to take a holistic view on your security, mapping out any and all threat vectors, and guiding you to plug them.

attack path mapping banshies

For further deliverables, please see our service description

Why you need it

Attack path mapping is for organizations and companies preparing to expand their security coverage to what lies beyond the perimeter.
It creates, informs and validates your understanding of attacks that can feasibly happen across your estate, as opposed to testing individual components.
Testing individual components, while valuable, does not keep threat actors from causing extensive damage outside of those areas.

For further deliverables, please see our service description

How it works

Attack Path Mapping focuses on objectives, disregarding the technology. By taking this approach, we’re able to identify as many attack paths as possible for any given objective, rather than being constrained or fall victim to tunnel-vision as in a Red Team engagement. See the below graphic for a breakdown of example stages of our attack path mapping service.

Potential attack paths are designed based on input from the client, and are then technically validated in full visibility of the client’s detective function. Exploitation is performed in a coordinated fashion with the client, to ensure that validation efforts get maximum coverage, without risking disruptions to operations.

High-level strategic recommendations are provided based on this work, to resolve issues at their root rather than engaging in whack-a-mole patching and fixes.

Attack Path Objectives

Some examples of attack path objectives:

  • Disrupt internal phone services.
  • Access personally indentifable information.
  • Demonstrate access to confidential emails (emails will not actually be accessed due to letter secrecy laws).
  • Deploy (benign) ransomware.
  • Modify content on a public website.
  • Conduct SWIFT payments (for international banks).
  • Bypass the Four Eyes Principle (for financial trading platforms).
  • Tamper with Automated Teller Machines (for bank operators).
  • Deploy crypto miners in the cloud.
banshie attack path mapping chart

For further deliverables, please see our service description

What is Penetration Testing?

Our experienced offensive specialists conduct secure and controlled tests on your security systems, pinpointing and exploiting potential vulnerabilities.

Penetration testing encompasses a broad spectrum of offensive services that aren’t covered by our other offerings. We collaborate with clients to tailor a customized scope of work, precisely aligning our offensive services with your unique requirements.

See our “How It Works” section for examples.

penetration testing banshie 3

For further deliverables, please see our service description

Why you need it

penetration testing banshie icons (2)
Penetration testing is fully customisable, we can scope the service to fit within your specific needs.
penetration testing banshie icons (3)

Test your organizations preventative and detective capabilities, and resilience against modern advanced attackers targeting a multitude of assets.

penetration testing banshie icons (1)

A focus is put on identifying vulnerabilities and weaknesses, preventing exploitation and training your Blue Team (defence) against future hacks.

For further deliverables, please see our service description

How it works

Penetration testing is a catch-all term for offensive services. It can involve any part of Red Teaming, Assumed Breach, Attack Path Mapping, and Cloud Security Assessments, as well as many other offensive services.

Our penetration testing is fully customisable, we can tailor the approach to completely fit your needs.

Examples of Penetration Testing

These are areas of penetration testing that don’t fall under our other services but that we are able and experienced in delivering.

penetration testing area icons (6)
penetration testing area icons (5)
penetration testing area icons (4)
penetration testing area icons (3)
penetration testing area icons (2)
penetration testing area icons (1)
penetration testing area icons (7)

For further deliverables, please see our service description

What is Penetration Testing?

The cloud environment is constantly changing, making it difficult to rapidly detect and respond to threats.

Cloud security assessments help identify and assess risks associated with the cloud environment, allowing organisations to prioritise and address the most critical vulnerabilities.

You get a clear understanding of the risks and vulnerabilities they face with the services exposed to the Internet, and the possible implications of an account being compromised,

cloud security banshie

For further deliverables, please see our service description

Why you need it

Identify vulnerabilities and weaknesses in data storage and transmission, ensuring data confidentiality, integrity, and availability.
Identifying and addressing security weaknesses in your cloud environment helps prevent costly and damaging data breaches.
Regular assessments help organizations stay up to date with the latest security measures and adapt to new technologies.

For further deliverables, please see our service description

How it works

Banshie will test both as an unauthenticated (anonymous) user, meaning anyone from the Internet who can interact with the cloud services, and as a logged-in user.

Based on the risk appetite and the number of users/privileges available, a more in-depth analysis can be performed. At the basic level, an assessment uses a read-only account which allows us the check for insecure configurations, and report potential attack paths.

An in-depth analysis uses a more granular approach where multiple users accounts with different roles are provided for the testing. These roles replicate the same permissions that users of the company have (i.e.: developer, accountant, HR, etc.).

This makes it possible to evaluate the permissions and controls in place, and what the risks associated with any of these accounts being compromised are.

Banshie always uses techniques and tools used by real attackers, to demonstrate exploitable vulnerabilities and effective defenses present in the current estate. This will give an overview of which areas need to improve, and validate those that are sufficient.

banshies csa

For further deliverables, please see our service description

Other Services

Modern and decisively focused, our services are powered by an elite team of cyber security experts.

banshie reach out 1

Reach out

Our mission is to help companies prevent, detect and respond to breaches, and help secure their data. We offer honest, straightforward advice, and guide you to a more secure company.

Reach out

Our mission is to help companies detect, respond and secure their data. We offer honest, straightforward advice, and guide you to a more secure company.
banshie reach out 1

Under attack?

Under attack?