Title: SERVICE OFFERING - Malware Readiness Assessment

Malware Readiness Assessment


As part of our full suite of security services Agliant provides a comprehensive malware readiness assessment. This type of assessment is designed to gauge the effectiveness of your perimeter security investments when it comes to preventing reverse tunnels, data exfiltration, malware downloads, C&C server callbacks, disallowing access to sites which are potentially threatening to your environment and preventing local tools resident on most Windows machines from being used as a facility to expand abilities within your network

Our proprietary method of testing leverages our custom built sandbox appliance and encompasses a wide variety of open source tools, custom written scripts and commercial products which have been significantly enhanced by our highly qualified security experts that are used to detect potential lapses in your defenses which could lead to comprimise.



Some of the commonly exploitable services and access abilities we test for via our proprietary sandboxed solution are as follows

1. SSL interception capabilities
2. Layer 7 application awareness
3. Access to sites on threat intelligence lists
4. Access to known C&C servers
5. Perimeter effectiveness at identifying malware samples over common and uncommon ports and with the use of encryption
6. Egress Access list profiles
7. Perimeter effectiveness at identifying remote access communication tunneled under common services

and much more.

Upon completion of this engagement you will receive a full report outlining the finding, severity of the finding, potential exploitability, risk score and steps which should be taken to mitigate the risk.

To complete this service we will require either physical device or our proprietary vm appliance be positioned in your internal network with access to the internet so that we can begin the egress testing of the elements listed above.

After completing this scoping exercise if you wish to leverage our custom appliance to execute this engagement simply navigate to the sidebar  section entitled "PenTesting Resources" to either configure your own downloadable VM tailored to your hypervisor or request a physical device to complete the exam