Trimarc Enterprise Security Posture Assessment

Trimarc reviews the security posture of your enterprise, identifying key security issues, and provides clear recommendations to improve security.

shields.png
Shield-people-icon.jpg

Trimarc was originally developing this service as a revamped Purple Team concept, though after several months of working through how to align a Purple Team service offering with the other Trimarc services, we scrapped the idea and started over. Instead of attempting to shoehorn Purple Team methodology into how Trimarc typically performs assessments, we started with the following problem statement.

"What do organizations need the most to improve their overall security posture which will frustrate attackers and ransomware?"

We reviewed the key benefits that Purple Teaming provides to organizations and focused on providing even more value around a Trimarc service. Instead of centering an assessment around offensive activity and response (detection), Trimarc reviews how event monitoring is configured along with potential gaps. Then we went beyond just events and developed a method to collect key security metrics from workstations and servers in order to discover areas of opportunities for attackers. Trimarc looks at user and admin account behavior and layer this on top of the security issues identified to determine real risk of compromise.

 

This is Purple Team, reimagined.
 

Trimarc ESP Overview
The Trimarc Enterprise Security Posture (ESP) assessment is an enterprise-grade security assessment that merges offensive and defensive disciplines to identify strategic security risks impacting our customers​. Strategic risks allow threats to extort, manipulate, or compromise high value assets and data critical to the business​. The Trimarc ESP Identifies and links technical security issues across technologies, business operations, and security controls to demonstrate strategic risks.​
 

The Trimarc ESP assesses more than just Active Directory though leverages key AD information to help inform the assessment.
 

The report deliverable is a report with a roadmap which breaks down large complex strategic security risks into smaller, manageable components.​ This approach empowers security leaders across an enterprise to champion security initiatives.

  • Identify risks that impact your business.​

  • Identify the pathways an attacker can leverage to successfully exploit the risks.​

  • Determine your ability to detect and respond to those risks​.

  • Give you the tools you need to successfully execute on a mitigation and monitoring plan.​

  • Provides unique tools to help analysts, security managers, and executives effectively mitigate risks.

  • The Trimarc ESP scales to the size of your business in order to best identify the critical security concerns.

Shield-people-icon.jpg

Key Review Components

Enterprise Risk Analysis: Identify impactful risks to the enterprise which could halt or compromise operations​
 

Trimarc ESP key technologies and areas:​

  • Active Directory​

  • Windows Servers​

  • Windows Workstations​

  • Risky User Behavior​

  • Security Information and Event Management (SIEM)​

  • Endpoint Detection and Response (EDR)​

  • Security Monitoring Gap Analysis: Identifies visibility gaps in detecting identified risks ​

  • Attack Path Analysis: Links security issues across technology areas

How is the Trimarc ESP Different?