Unit 42 Business Email Compromise (BEC) Readiness Assessment

Outcomes: Improve your organization’s ability to prevent BEC and other email-based attacks.

Services: We perform an in-depth technical review of the security configuration of your email environment, leveraging multiple hardening standards and battle-tested best practices.

Deliverables: We’ll provide a report of control enhancements and recommendations for your organization to better prevent BEC and other email-based attacks.

Outcomes: Improve your organization’s ability to quickly and effectively respond to a BEC attack.

Services: We’ll design and facilitate a BEC attack Tabletop IR Exercise based on the thousands of investigations our IR team has performed to test your readiness with a simulated attack and help you practice IR processes and workflows.

Deliverables: We’ll provide an after-action report with recommendations for policy and process improvement.

Outcomes: Extend your IR team’s capabilities by putting the world-class Unit 42 IR team on speed dial with SLA-driven response times. Improve recovery times and the efficacy of IR.

Services: Your retainer hours are valid for one year and can be used for IR services or proactive cybersecurity advisory services as needed.

Deliverables: What we provide will vary depending on the service request.

Drawing on our deep expertise in responding to BEC and other email-based attacks, the Unit 42 Email Compromise Assessment identifies evidence of historical or ongoing compromise in your email environment. Unit 42 IR experts analyze account logs and telemetry to search for unauthorized access, including rule creation and data exfiltration:

Outcomes: Gain visibility into suspicious email account activity and take action to secure your email environment.

Services: Unit 42 IR experts analyze account data to identify IoCs and hidden threats.

Deliverables: You’ll get a report with findings and recommendations for control enhancements based on empirical observations, configuration settings, and opportunities to reduce your attack surface.

Outcomes: Identify gaps in your defenses before the threat actors do and increase security awareness.

Services: The Unit 42 Offensive Security team launches a targeted spear phishing attack against high-value targets in your organization.

Deliverables: Report of results and recommendations for control enhancements.

Outcomes: Improve your ability to respond to and recover from email based attacks.

Services: The Unit 42 Security Consulting team reviews your existing IR processes and recommends a best practice playbook based on your specific environment and capabilities, including our extensive experience responding to email-based threats.

Deliverables: Tailored BEC incident response playbook.

Outcomes: Increase security awareness. Validate and improve your defenses against advanced email attacks.

Services: The Unit 42 Offensive Security team targets your email accounts and conducts a custom-designed campaign of advanced email-based attacks, including credential theft, phishing, and other advanced attack methods.

Deliverables: Receive reports of the results of each simulated attack and training and control enhancement recommendations.

Outcomes: A cyberaware workforce, informed of today’s advanced threats and their role in preventing cyberattacks.

Services: We deliver cyber awareness training tied to the outcomes of your Purple Team Exercise and tailored to your industry vertical, sensitive information assets, and key functional roles throughout the organization.

Deliverables: Get a live training session via webinar.