fbpx Skip to main content

Attack Surface

Review

Want to know how cybercriminals could target your organisation and how to defend against them?

A value and threat-driven penetration testing alternative can help you discover your company’s technological and human flaws and how they could be used against you.

Find Out MoreFind Out More
CSIQ-Cyber-Investigation-Header-V2
csiq-background-breaking-squares-3
csiq-what-is-managed-attack-surface

What is an Attack Surface Review?

We use the same tactics and techniques of cybercriminals and persistent threat groups to find holes in your organisation’s security.

Unlike advanced Penetration Testing, the focus is on identifying attack paths and weaknesses rather than developing and demonstrating exploits against a system.

Our Active methodology combines a vulnerability assessment, a technical review of public information sources, a workstation configuration assessment, human threat intelligence, and more to give you a real-world view of your organisation’s cyber exposure.

Check out the FAQCheck out the FAQ

The Cyber Threat in Numbers

The latest statistics from the U.K Governments Cyber Security Breaches Survey

19

of businesses have a formal incident response plan.

39

of businesses reported an attack in the past 12 months.

83

of businesses that reported an attack in the past 12 months reported that Phishing was used to gain access.
csiq-background-breaking-squares-3
CSIQ-cyber-investigation-why-choose-us-3

Why choose an Attack Surface Review?

For SMEs and MSPs, a penetration test is overkill and, unless correctly scoped, provides a false sense of security.

Threat actors prioritise low-risk / high-reward tactics that exploit human weaknesses and misconfiguration before exploiting vulnerabilities typically identified during a penetration test.

We developed the Attack Surface Review to help businesses identify the high/critical risks in their Cyber Security position without requiring lengthy scoping meetings and risk disrupting the business.

Get In TouchGet In Touch

What are the Benefits of an Attack Surface Review?

A hackers perspective of your organisation

A value-driven alternative to penetration testing

Analytics that guide risk reduction strategies

Access to CSIQ Insight Risk Management Platform and Experts

Attack Surface Review features:

Public Email Addresses
By understanding which email addresses are public, you can provide focused training for those users to help prevent spam and targeted email attacks.

Email Health
Correct DNS configuration and blocklist monitoring ensure time-sensitive delivery of emails to customers and suppliers.

IP Reputation
Monitoring the IP reputation of your company’s IP addresses provides an indicator of infected machines that avoid endpoint protection solutions.

Credential Leaks
We index and aggregate credential leak databases to provide a true reflection of the risks associated with lost credentials.

Dark Web Chatter
Commonly used by hackers to share leaked information on individuals and companies, we monitor the dark web for indicators of targeted attacks and information leaks.

Use of Technologies
We analyse the technologies in use to identify supply chains, potential login accounts and additional attack vectors.

DNS Health
DNS is essential for network communication. All businesses utilise this technology to make services such as remote access and the company website accessible to staff and customers. We monitor for new DNS records and misconfigurations that could reveal sensitive information.

Search Engine Leaks
Our Threat Hunting team can identify potential information leakage by combining automated and manual assessments of search engine databases.

CSIQ-Technology-Agnostic

CSIQ Insight – Risk Management Platform
All consultancy and managed services come with access to our Risk Management Portal. All risk types, including technical, human, residual and inherent, are scored, allowing for a strategic approach to risk reduction.

Perimeter Vulnerability Scanning
We combine automated tools and manual verification to identify vulnerabilities that could lead to compromise and information leakage.

A scoping document is agreed upon at the beginning of the engagement; CSIQ recommends the following are assessed:

  • Firewalls
  • Virtual Private Network (VPN) Gateways
  • Application Gateways
  • Web Applications

CSIQ will only scan websites if the company manages the platform and underlying operating system. All scanning is conducted using vulnerability assessment tools approved for Cyber Essentials plus audits.

Workstation Security Assessment
Along with the network perimeter and your staff, workstations are one of the first lines of defence from cybercriminals. Weaponised documents and misconfiguration are some of the leading causes of compromise.

Our workstation assessment includes a review of the following:

  • Vulnerabilities
  • Misconfigurations
  • Policy Compliance
  • Use of Encryption

In addition, we test AV/EDR against some of the latest threats and techniques that steal credentials and backdoor systems.

Organisation Size
Micro 1-9
Small 10-49
Medium 50-249
Large 250+
Passive
£940 Per Organisation
Recommended for

All businesses that want a value and threat driven alternative to penetration testing

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Communication
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Usage
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection (Passive)
  • Company Website (Passive)
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Passive)
  • Social Engineering Assessment
Passive
£1440 Per Organisation
Recommended for

All businesses that want a value and threat driven alternative to penetration testing

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection (Passive)
  • Company Website (Passive)
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Passive)
  • Social Engineering Assessment
Passive
£3420 Per Organisation
Recommended for

All businesses that want a value and threat driven alternative to penetration testing

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection (Passive)
  • Company Website (Passive)
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Passive)
  • Social Engineering Assessment
Passive
Contact Us Per Organisation
Recommended for

All businesses that want a value and threat driven alternative to penetration testing

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection (Passive)
  • Company Website (Passive)
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Passive)
  • Social Engineering Assessment
Active
£1640 Per Organisation
Recommended for

Risk adverse SME's & scale-ups

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Communication
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Usage
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection
  • Company Website
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Active)
  • Social Engineering Assessment
Active
£2240 Per Organisation
Recommended for

Risk adverse SME's & scale-ups

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection
  • Company Website
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Active)
  • Social Engineering Assessment
Active
£4420 Per Organisation
Recommended for

Risk adverse SME's & scale-ups

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection
  • Company Website
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Active)
  • Social Engineering Assessment
Active
Contact Us Per Organisation
Recommended for

Risk adverse enterprises

  • Presentation of Findings
  • Risk Management Platform
  • Bespoke Report
  • Email Security
  • Email Security
  • Impersonation Protection Review
  • Human Risk Intelligence
  • Identify Active Staff
  • Information Leakage
  • Company > Personal Identities
  • Social Media Presence
  • Identify High-Risk Users
  • Organisation Profile
  • Public Business Records
  • Social Media Presence
  • Communication Channels
  • Identify Supply Chains
  • Threat Intelligence
  • Public Email Addresses
  • DNS Security
  • IP Reputation
  • Information Leakage
  • Technologies in Use
  • Dark Web Chatter
  • Credential Leaks
  • Vulnerability Assessment
  • Office Internet Connection
  • Company Website
  • End-User Devices
  • Server Operating Systems
  • Microsoft 365 Security Assessment
  • Active Directory Security Assessment
  • Optional
  • Spear-Phishing Attack
  • Physical Security Review (Active)
  • Social Engineering Assessment

Journey to Adversarial Awareness and Defence

CSIQ-managed-attack-surface-journey
1
Non-Disclosure Agreements
2
Risk Profile & Cyber Maturity Assessment Quesionnaire
3
Kick-Off-Meeting
4
Attack Surface Investigation
5
Meeting to discuss findings
6
Feedback and evaluation
7
Post engagement support
CSIQ-Footer-Logo-4

Cyber

Intelligence Services

Visit our Cyber Investigation page to learn more about our other Cyber Intelligence services.

Or get in touch to find out more about all our services.

Contact UsContact Us

Our Accreditations & Memberships

We are proud of our industry recognised certifications in Cyber Security and Service Delivery

CSIQ NCSC Assured Service Provider Cyber Advisor
CSIQ NCSC Assured Service Provider Cyber Advisor
Cyber Essentials Plus Certification Body
Cyber Essentials Plus Certification Body
IASME Governance Certification Body
IASME Governance Certification Body
CSIQ IASME Cyber Baseline Certification Body
CSIQ IASME Cyber Baseline Certification Body
ISACA Professional Members
Ecologi - Climate Positive Workforce
Ecologi Climate Positive Workforce

FAQ

Who is Attack Surface Review for?

The Attack Surface Review is a threat and value-driven alternative to penetration testing and is suitable for all organisations regardless of size.

It is common for companies to believe they need a Penetration Test because they were told they needed one or thought that was the only option. We often find when reviewing test reports that the wrong scope was agreed upon or the test only captured a part of the company’s attack surface and missed the likely path an attacker would take.

Is an Attack Surface Review the same as a penetration test?

The main difference between an Attack Surface Review and a Penetration test is that the Attack Surface Review has a broader scope for identifying weaknesses and does not spend time actively exploiting systems.

A Penetration Test demonstrates vulnerabilities and the impact of exploitation. A considerable amount of time is allocated to enumerating and exploiting systems in a safe and controlled way; however, the outcome is typically the same: remediation advice and fixing the issue.

The Attack Surface Review focuses on the tactics and techniques used by cybercriminals to exploit weaknesses in technical systems and humans.

Why do you provide a Passive option?

The Passive assessment provides a perspective of a business that avoids attribution to any entity. This is ideal for companies that need an understanding of what a determined hacker can find out about the business without triggering any defences.

We recently had a penetration test but it didn't find anything?

We hear that a lot. feel free to call us, and we can help you review the scope.

How long does the Attack Surface Review take?

The typical turnaround time for a Passive or Active Attack Surface Review is two weeks from order sign-off.

Do you require an non-disclosure agreement?

A mutual non-disclosure agreement is required for all engagements.

We take the privacy of our clients seriously and ensure that customer and vulnerability information is protected at all times.

Why do you limit the number of identifies investigated?

As this is a value-driven assessment, your Threat Intelligence Investigator will focus on the riskiest users to provide the greatest value. The report will provide recommendations for further investigation.

Have a question for us about our services?

Send us an enquiry to get a rapid response from a cybersecurity expert.

"*" indicates required fields

Name*
Hidden
Hidden
This field is for validation purposes and should be left unchanged.