Blue Team

Introduction

Our consultants are no strangers to odd network behaviour, or unknown services on host machines. Through a thorough investigative process we can monitor, track, and learn what actions these unfamiliar processes may be performing? Malware is prevalent in todays world, but often it is created for a specific target, and collateral damage occurs when it infects new and unfamiliar systems.
With cyber organised crime on the rise, malware has now being morphed into a criminal enterprise: ransom-ware. Where these digital nasties, encrypt your personal data, and demand sums of money to be ''donated'' into an anonymous digital wallet such as ''bit-coin''.
Our consultants are blue team leaders in the uk, and expired in both automated and manual analysis to quickly ascertain at a high level the following pieces if intelligence:

• where the malware has come from?
• who is the malware talking to?
• how the malware infiltrated your current cyber defences?
• whether the malware is simply a stager, for a more advanced piece of malware
• develop a list of digital signatures or Indicators-of-Compromise (IoCs).
• reverse and fingerprint digital code.

Technologies

Our Team are familiar with the following technologies, to aid in Cyber defence capabilities:

• Bluecoat
• Tripwire
• Tipping-point
• PaloAlto Wildfire
• Alienvault SIEM
• Splunk
• ELK (Elasticsearch,Logstash,Kibana)
• Cuckoo
• various bespoke sandbox technologies

Blue Team Defense and Policies

Outside of the technical arena, our blue team leader can help your business with blue team policies. The blue team manuals, and documents needed that outline preparations before attacks and incidents. Through to step-by-step walk throughs on how to handle incidents correctly process and report them. We are experienced and holding several table top exercises, that can help with your process development, and test your responses in a dry-run.
Should you wish to assess your blue teams capability and maturity we offer red team testing and blue team assessments, were we can host a mock attack, to analyse your blue teams speed and accuracy at response. Where appropriate we will recommend improvements to ensure your team is at the top of its game.