[](https://www.paloaltonetworks.com/unit42?ts=markdown) ![x close icon to close mobile navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-black.svg) [![unit42 logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/unit42-logo-dark.svg)](https://www.paloaltonetworks.com/unit42?ts=markdown) ![magnifying glass search icon to open search field](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/search-black.svg) * [](https://www.paloaltonetworks.com/unit42?ts=markdown) * [About Unit 42](https://www.paloaltonetworks.com/unit42/about?ts=markdown) * Services ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Services [Assess and Test Your Security Controls](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [AI Security Assessment](https://www.paloaltonetworks.com/unit42/assess/ai-security-assessment?ts=markdown) * [Attack Surface Assessment](https://www.paloaltonetworks.com/unit42/assess/attack-surface-assessment?ts=markdown) * [Breach Readiness Review](https://www.paloaltonetworks.com/unit42/assess/breach-readiness-review?ts=markdown) * [BEC Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/business-email-compromise?ts=markdown) * [Cloud Security Assessment](https://www.paloaltonetworks.com/unit42/assess/cloud-security-assessment?ts=markdown) * [Compromise Assessment](https://www.paloaltonetworks.com/unit42/assess/compromise-assessment?ts=markdown) * [Cyber Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/cyber-risk-assessment?ts=markdown) * [M\&A Cyber Due Diligence](https://www.paloaltonetworks.com/unit42/assess/mergers-acquisitions-cyber-due-diligence?ts=markdown) * [Penetration Testing](https://www.paloaltonetworks.com/unit42/assess/penetration-testing?ts=markdown) * [Purple Team Exercises](https://www.paloaltonetworks.com/unit42/assess/purple-teaming?ts=markdown) * [Ransomware Readiness Assessment](https://www.paloaltonetworks.com/unit42/assess/ransomware-readiness-assessment?ts=markdown) * [SOC Assessment](https://www.paloaltonetworks.com/unit42/assess/soc-assessment?ts=markdown) * [Supply Chain Risk Assessment](https://www.paloaltonetworks.com/unit42/assess/supply-chain-risk-assessment?ts=markdown) * [Tabletop Exercises](https://www.paloaltonetworks.com/unit42/assess/tabletop-exercise?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [IR Plan Development and Review](https://www.paloaltonetworks.com/unit42/transform/incident-response-plan-development-review?ts=markdown) * [Security Program Design](https://www.paloaltonetworks.com/unit42/transform/security-program-design?ts=markdown) * [Virtual CISO](https://www.paloaltonetworks.com/unit42/transform/vciso?ts=markdown) * [Zero Trust Advisory](https://www.paloaltonetworks.com/unit42/transform/zero-trust-advisory?ts=markdown) [Respond in Record Time](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Cloud Incident Response](https://www.paloaltonetworks.com/unit42/respond/cloud-incident-response?ts=markdown) * [Digital Forensics](https://www.paloaltonetworks.com/unit42/respond/digital-forensics?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond/incident-response?ts=markdown) * [Managed Detection and Response](https://www.paloaltonetworks.com/unit42/respond/managed-detection-response?ts=markdown) * [Managed Threat Hunting](https://www.paloaltonetworks.com/unit42/respond/managed-threat-hunting?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Unit 42 Retainer](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) [![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-unit-42.svg) UNIT 42 RETAINER Custom-built to fit your organization's needs, you can choose to allocate your retainer hours to any of our offerings, including proactive cyber risk management services. Learn how you can put the world-class Unit 42 Incident Response team on speed dial. Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) * Unit 42 Threat Research ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Unit 42 Threat Research [Unit 42 Threat Research](https://unit42.paloaltonetworks.com/) * [Threat Briefs and Assessments Details on the latest cyber threats](https://unit42.paloaltonetworks.com/category/threat-research/) * [Tools Lists of public tools released by our team](https://unit42.paloaltonetworks.com/tools/) * [Threat Reports Downloadable, in-depth research reports](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fresearch&ts=markdown) [THREAT REPORT 2025 Unit 42 Global Incident Response Report Read now](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) [THREAT BRIEF Russia-Ukraine Cyberattacks: How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement Learn more](https://unit42.paloaltonetworks.com/preparing-for-cyber-impact-russia-ukraine-crisis/) [THREAT REPORT Highlights from the Unit 42 Cloud Threat Report, Volume 6 Learn more](https://www.paloaltonetworks.com/resources/research/unit-42-cloud-threat-report-volume-6?ts=markdown) * Partners ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Partners Partners * [Threat Intelligence Sharing](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) * [Law Firms and Insurance Providers](https://www.paloaltonetworks.com/unit42/incident-response-partners?ts=markdown) [THREAT REPORT 2025 Unit 42 Incident Response Report Read now](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) [THREAT BRIEF Russia-Ukraine Cyberattacks: How to Protect Against Related Cyberthreats Including DDoS, HermeticWiper, Gamaredon, Website Defacement Learn more](https://unit42.paloaltonetworks.com/preparing-for-cyber-impact-russia-ukraine-crisis/) [THREAT BRIEF Operation Falcon II: Unit 42 Helps Interpol Identify Nigerian Business Email Compromise Ring Members Learn more](https://unit42.paloaltonetworks.com/operation-falcon-ii-silverterrier-nigerian-bec/) * Resources ![black arrow pointing left to go back to main navigation](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-black.svg) Resources Resources * [Research Reports](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fresearch&ts=markdown) * [Webinars](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fwebinar&ts=markdown) * [Customer Stories](https://www.paloaltonetworks.com/unit42/customer-stories?ts=markdown) * [Datasheets](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fdatasheet&ts=markdown) * [Videos](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fvideo&ts=markdown) * [Infographics](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Finfographic&ts=markdown) * [Whitepapers](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Fwhitepaper&ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&fq=RC_TYPE_DFACET%3Apan%253Aresource-center%252Frc-type%252Farticle&ts=markdown) Industries * [Financial Services](https://www.paloaltonetworks.com/industry/unit42-financial-services?ts=markdown) * [Healthcare](https://www.paloaltonetworks.com/industry/unit42-healthcare?ts=markdown) * [Manufacturing](https://www.paloaltonetworks.com/industry/unit42-manufacturing?ts=markdown) [THREAT REPORT 2025 Unit 42 Global Incident Response Report Read now](https://www.paloaltonetworks.com/resources/research/unit-42-incident-response-report?ts=markdown) [ANALYST REPORT Unit 42^®^ named a Leader in the 2025 IDC MarketScape for Worldwide IR Services. See our difference](http://start.paloaltonetworks.com/idc-incident-response-marketscape-2025) * * [Under Attack?](https://start.paloaltonetworks.com/contact-unit42.html) ![palo alto networks logo icon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/logo-default.svg) ![white arrow icon pointing left to return to main Palo Alto Networks site](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/arrow-right-white.svg) [](https://www.paloaltonetworks.com/unit42?ts=markdown) Search All * [Tech Docs](https://docs.paloaltonetworks.com/search#q=unit%2042&sort=relevancy&layout=card&numberOfResults=25) Close search modal *** ** * ** *** CYBER RISK MANAGEMENT SERVICES ## Business Email Compromise (BEC) Readiness Assessment Protecting your organization against business email compromise starts with ensuring you have the right people, process, and controls in place and tuned to defend against BEC and other email-based attacks. * [Contact us](#contact) * [Download datasheet](https://www.paloaltonetworks.com/resources/datasheets/bec-readiness-assessment?ts=markdown) **unit42** ![](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/x-white.svg) BenefitsService FeaturesMethodologyWhy Unit 42 * [Benefits](#benefits) * [Service Features](#service-features) * [Methodology](#methodology) * [Why Unit 42](#why) {#benefits} BENEFITS ## Prevent email-based attacks through preparation ### Unauthorized access to email leading to financial fraud -- or business email compromise (BEC) -- is one of the most prevalent forms of cyberattacks today. With a Unit 42^®^ BEC Readiness Assessment, you prepare for this challenge through a targeted risk assessment that identifies the critical control steps to best defend your organization against this ongoing threat. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/cyber-risk-assessment/identify.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/cyber-risk-assessment/identify.svg) ### Harden email security Control and mitigate email attacks by identifying gaps and fine-tuning defenses. You'll make data-driven decisions, adopting best practices to allocate your resources in a more effective manner. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/faster-time-to-respond-to-a-breach.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/faster-time-to-respond-to-a-breach.svg) ### Enhance response capability Using real-world observations we've made while investigating BEC attacks, you'll improve your ability to quickly and effectively prevent, detect and respond to email-based threats. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/take-proactive-approach.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/take-proactive-approach.svg) ### Reduce incident impact By proactively preparing for BEC attacks, you will have all the elements in place to reduce the operational and financial impact of any incident, responding effectively to each threat. ![Incident Response Report 2025](https://www.paloaltonetworks.com/content/dam/pan/en_US/includes/igw/unit42-sec-ebook/sticky_nav/images/global-incident-response-report.png) READ THE REPORT ## Dive into the latest cyber threat trends and insights from Unit 42. Discover actionable strategies to fortify your defenses against today's most advanced cyber risks. [Download report](https://start.paloaltonetworks.com/unit-42-incident-response-report.html) ![unit42 star](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42/Unit42Star.png)![unit42 star](https://www.paloaltonetworks.com/content/dam/pan/en_US/unit42-contained-exp/overview/Unit42DemandGenMobile.svg) {#service-features} SERVICE FEATURES ## Knowledge and preparation matter ### The Unit 42 Business Email Compromise Assessment is available in three different tiers -- each one designed to match the unique needs of your specific organization. {#tiers} BASIC ASSESSMENT #### Tier 1 ##### Improve your ability to identify and respond to Business Email Compromise * Security configuration assessment * Business Email Compromise IR Tabletop Exercise * Unit 42 Retainer with 250 credits for Incident Response ADVANCED ASSESSMENT ## Tier 2 ### Identify evidence of historical or ongoing email compromise * Email Compromise Assessment * Email Attack Readiness Benchmark * Tailored BEC IR Playbook * Includes Everything in Tier 1 MOST COMPREHENSIVE ## Tier 3 ### Empower stakeholders to understand risk and drive better outcomes * Email Attack Purple Team Exercise * Cyber Awareness Training Enhancement * Includes Everything in Tiers 1 \& 2 | | TIER 1 | TIER 2 | TIER 3 | | Security Configuration Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | BEC IR Tabletop Exercise | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | 250 Credits Reserved for Incident Response | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Compromise Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Attack Readiness Benchmark | -- | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Tailored BEC IR Playbook | -- | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Attack Purple Team Exercises | -- | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Cyber Awareness Training Enhancement | -- | -- | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | |--------------------------------------------|--------------------------------------------------------------------------------------------|--------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------| | Security Configuration Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | BEC IR Tabletop Exercise | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | 250 Credits Reserved for Incident Response | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Email Compromise Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Email Attack Readiness Benchmark | -- | | Tailored BEC IR Playbook | -- | | Email Attack Purple Team Exercises | -- | | Cyber Awareness Training Enhancement | -- | |--------------------------------------------|--------------------------------------------------------------------------------------------| \[TIER 1\] | Security Configuration Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | BEC IR Tabletop Exercise | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | 250 Credits Reserved for Incident Response | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Email Compromise Assessment | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Email Attack Readiness Benchmark | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Tailored BEC IR Playbook | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Email Attack Purple Team Exercises | ![Check White](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-white.svg) | | Cyber Awareness Training Enhancement | -- | |--------------------------------------------|--------------------------------------------------------------------------------------------| \[TIER 2\] | Security Configuration Assessment | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | BEC IR Tabletop Exercise | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | 250 Credits Reserved for Incident Response | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Compromise Assessment | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Attack Readiness Benchmark | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Tailored BEC IR Playbook | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Email Attack Purple Team Exercises | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | | Cyber Awareness Training Enhancement | ![Check Maroon](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/check-maroon.svg) | |--------------------------------------------|----------------------------------------------------------------------------------------------| \[TIER 3\] | Placeholder Heading | ------------------- | | | SHOW TABLE ## Here's what we deliver ### Unit 42 will evaluate the effectiveness of your technical security controls and operational capabilities in responding to and recovering from a Business Email Compromise incident. ![SECURITY CONFIGURATION ASSESSMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/portfolio/purple-teaming/defense-and-alerting.svg) ![SECURITY CONFIGURATION ASSESSMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/individual-services/vcg-easy-to-use-query-language-black.svg) ### SECURITY CONFIGURATION ASSESSMENT ![BEC IR TABLETOP EXERCISE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/incident-response/ramsomware.png) ![BEC IR TABLETOP EXERCISE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/individual-services/radiation-black.svg) ### BEC IR TABLETOP EXERCISE ![250 CREDITS RESERVED FOR INCIDENT RESPONSE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/retainer/group-20979.svg) ![250 CREDITS RESERVED FOR INCIDENT RESPONSE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/individual-services/clock-black.svg) ### 250 CREDITS RESERVED FOR INCIDENT RESPONSE ![EMAIL COMPROMISE ASSESSMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/portfolio/purple-teaming/phishing.svg) ![EMAIL COMPROMISE ASSESSMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/Icon_library_Malicious%20email.svg) ### EMAIL COMPROMISE ASSESSMENT ![EMAIL ATTACK READINESS BENCHMARK](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/portfolio/purple-teaming/detailed-technical-reporting.svg) ![EMAIL ATTACK READINESS BENCHMARK](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/Icon_library_Data-services.svg) ### EMAIL ATTACK READINESS BENCHMARK ![TAILORED BEC IR PLAYBOOK](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/portfolio/purple-teaming/recommendations.svg) ![TAILORED BEC IR PLAYBOOK](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/Icon-library-90-day-plan.svg) ### TAILORED BEC IR PLAYBOOK ![EMAIL ATTACK PURPLE TEAM EXERCISE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/Transform/expert-threat-briefings/Icon_library_Deal-Doctor.svg) ![EMAIL ATTACK PURPLE TEAM EXERCISE](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/Icon_library_Deal%20Doctor.svg) ### EMAIL ATTACK PURPLE TEAM EXERCISE ![CYBER AWARENESS TRAINING ENHANCEMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/portfolio/purple-teaming/executive-summary.svg) ![CYBER AWARENESS TRAINING ENHANCEMENT](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/cyber-risk-assessment/Icon_library_Contingent-workforce.svg) ### CYBER AWARENESS TRAINING ENHANCEMENT {#methodology} METHODOLOGY ## A proven approach to improving BEC readiness PLAN ![Gather Organizational Context](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/gather-organizational-context.svg) ### Gather Organizational Context We will provide a pre-engagement questionnaire to gain an understanding of organizational processes, tools and capabilities. ASSESS ![Review Documentation](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/review-documentation.svg) ### Review Documentation We will review your documentation to identify gaps in email security control design which could contribute to BEC susceptibility. ASSESS ![Conduct Stakeholder Interviews](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/conduct-stakeholder-interviews.svg) ### Conduct Stakeholder Interviews We will interview key stakeholders to gain additional insight regarding email security controls and technical capabilities. TEST ![Design and Deliver Tabletop Exercises](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/business-email-compromise/design-and-deliver.svg) ### Design and Deliver Tabletop Exercises {#why} WHY UNIT 42 ## World-renowned security experts, always in your corner ### As an industry-leading threat intelligence, cyber risk management and incident response organization, it's our job to help you prepare and respond to some of the most challenging threats so that your team can get back to business faster. As threats escalate, we act as your trusted partner to advise and strengthen your security strategies. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/Transform/incident-response-plan-development-review/1-world-class-threat-intelligence-lt.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/Transform/incident-response-plan-development-review/1-world-class-threat-intelligence-lt.svg) ### WORLD-CLASS THREAT INTELLIGENCE Unit 42 provides access to one of the world's largest and most experienced threat intelligence teams. Our team of more than 200 cyberthreat researchers includes threat hunters, malware reverse engineers and threat modeling experts who enable you to apply a threat-informed approach to prepare for and respond to the latest cyberthreats. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/3-experience-and-expertise-lt.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/assess/tabletop-exercises/3-experience-and-expertise-lt.svg) ### TRUSTED EXPERTISE \& EXPERIENCE Unit 42 has assembled an experienced team of security consultants with backgrounds in public and private sectors who have handled some of the largest cyberattacks in history. We manage complex cyber risks and respond to advanced threats, including nation-state attacks, APTs and complex ransomware investigations. ![Card Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/Transform/incident-response-plan-development-review/2-industry-leading-tools-lt.svg) ![Card Mobile Head Icon](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/Transform/incident-response-plan-development-review/2-industry-leading-tools-lt.svg) ### INDUSTRY-LEADING TOOLS Unit 42 security consultants leverage industry-leading Palo Alto Networks tools to jumpstart your investigation by gaining necessary visibility across your endpoint, network, cloud and third-party data. This enables you to develop and execute a plan to get back to business as quickly as possible following an incident. {#stop} #### Related resources [See all resources](https://www.paloaltonetworks.com/resources?q=*%3A*&_charset_=UTF-8&fq=PRODUCTS0_DFACET%3Apan%253Aresource-center%252Fproducts0%252Funit42-managed-detection-and-response&ts=markdown) BLOG #### Operation Delilah: Unit 42 Helps INTERPOL Identify Nigerian BEC Actor [Read the blog](https://unit42.paloaltonetworks.com/operation-delilah-business-email-compromise-actor/) CASE STUDY #### Accelerating Security in a Fact-Paced Industry [Read now](https://www.paloaltonetworks.com/customers/global-automotive-manufacturer?ts=markdown) Webpage #### Unit 42 Retainer [Learn more](https://www.paloaltonetworks.com/unit42/retainer?ts=markdown) CASE STUDY #### Unit 42 Customer Stories [Read now](https://www.paloaltonetworks.com/unit42/customer-stories?ts=markdown) {#contact} ![jeffries-logo](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/unit42-contained-exp/overview/panw-sml-logo-white.svg) ## Go from reactive to proactive Our consultants serve as your trusted advisors to assess and test your security controls against the right threats, transform your security strategy with an intelligence-informed approach and respond to incidents in record time. First Name \* Last Name \* Email \* Company \* Job Level \*Job Level Job Function/Focus Area \*Job Function/Focus Area Phone \* Country \*Country StateState Department \* ProvinceProvince Zip Code \* recaptcha Please complete reCAPTCHA to enable form submission. By submitting this form, you agree to our [Terms](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown). View our [Privacy Statement.](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) Email me exclusive invites, research, offers, and news Contact us #### THANK YOU! A Palo Alto Networks specialist will reach out to you shortly. We look forward to connecting with you! {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2025 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language