Our Red Team experts mimic the mindsets of skilled hackers, those of whom abuse all that is necessary in order to break into an organization’s line of security to reach their goal, such as data exfiltration.
01
Our Red Team experts mimic the mindsets of skilled hackers, those of whom abuse all that is necessary in order to break into an organization’s line of security to reach their goal, such as data exfiltration.
02
The approach we take is full-scope and goal-based, which covers a wide range of attack vectors (physical, electronic, or social) to help evaluate the resilience of your organization’s detection and response capabilities in the case of a real attack.
03
Our review and reporting will help identify your vulnerabilities, enhance the preparedness of your blue team and help with making the appropriate investment decisions regarding your organization’s security.
Crisis Management
From Identifying the threat of scenarios to testing Crisis Management plans using War Games, Obsidian opts for management, organization, and coordination.
01
Identifying the threat of scenarios
02
Integrating crisis management plans to include all organizational units as one.
03
Developing communication plans for internal and external stakeholders.
04
Testing Crisis Management plans using War Games for utmost efficiency.
Penetration Testing
Penetration Testing is a form of ethical hacking, in which we attempt to poke through the armor of an organization’s cyber defenses in order to scout for exploitable vulnerabilities which leave your company at risk.
Penetration Testing is a form of ethical hacking, in which we attempt to poke through the armor of an organization’s cyber defenses in order to scout for exploitable vulnerabilities which leave your company at risk. Moreover, our range of testing includes the following:
- Network Testing
- Web Application Security Testing
- Wireless Network Testing
- Mobile Security Testing
- Physical Devices
- Social Engineering
Cyber Risk Modeling and Analysis
With Cyber Risk Modeling and Analysis, can analyze a variety of scenarios that are assessed in terms of their risk, severity, and the outcome of your business. It’s your Plan B through Z, covered by Obsidian.
With Cyber Risk Modeling and Analysis, we can analyze a variety of scenarios that are assessed in terms of their risk, severity, and the outcome of your business. Given our expansive experience in physical security, cyber offensive domains, and cyber threat intelligence, Obsidian offers your company bespoke solutions through our holistic services. Furthermore, these services include investing the risks of potential physical, virtual, and business dimensions through the practice of existing models and methods such as:
- FAIR
- ISO31000
- OCTAVE
- TARA
- VERIS
- NIST
and more…
Alongside these services, we also provide the following investigations into:
- Single-Scenario Deep Analysis
- Key Cyber Risk Assessments
- Developments & Reviews
- Enterprise Risk
- Third-Party Integration Risk Assessment
Incident Response
We’ve got you covered faster than you can say “fix it!” Our process is all about identifying, investing, and responding to the threat to minimize the impact and begin the recovery.
Our process is all about identifying, investigating, and responding to the threat to minimize the impact and begin the recovery.
Our first approach consists of three main elements —intelligence, cyber, and physical. By combining these three elements, we provide your company with a comprehensive strategy for your organization’s ability to deal with sophisticated cyberattacks. Alongside, we assess your organization’s threat response capabilities with frameworks such as ISO 27035, CREST, and NIST to ensure compliance with certification guidelines.
This second approach consists of a response in case of a security threat, which is:
- Optimized by creating a bespoke incident response capability in reaction to the incident. • which entails the prevention of lateral movements and counteracting the spread of the threat through your network.
- We also identify the infected workstations and servers to prevent files from being encrypted and exfiltrated by the attackers
- We then deploy a defense solution and prepare for the second wave of attack.
The services we provide also include reporting and working closely with your organization’s management, to minimize any repetitional damage. This includes activities such as:
- the media
- stock exchange notices
- employee notifications
- partners
- suppliers
Following the event of an incident, We will begin to take a look at:
- Data Recovery, by examining whether malicious cords remain on the network and conducting a technical investigation of the incident (via network login vectors, network propagation forms, malicious code reverse engineering, etc).
Our experts in the field will furthermore examine whether the organization’s response is consistent with pre-event written procedures. With that, we are here to guide you in modifying those procedures to formulate new processes with your organization’s management.
End Point Protection
Optimizes the information fathered on relevant cyber security threats against the physical facilities and infrastructures.
Optimizes the information fathered on relevant cyber security threats against the physical facilities and infrastructures, those of which come from —
- Computers
- Cell phones
- Data Networks
- Wireless Networks
- Smart Vehicles
and more…
Every connected element of the physical dimension is monitored by us in 24/7 cyberspace.
Obsidian accompanies the organization’s management in writing procedures and security policies that reflect on company and management policies, which are reflected on how the company, employees, suppliers, and customers should behave. We believe that an organization that adopts proper practices can reduce the number of threats drastically by following mandatory protocols and safety measures. Moreover, this ensures that our services can be conducted and integrated with minimal disruption to your business’s routine.
Facilities & Infrastructure Protection
We finalize our protection by defending your unit as one: internally and externally. We thereby focus on two main elements of defense to interact with the physical facilities and infrastructure in need of protection against any external pressure.
We finalize our protection by defending your unit as one: internally and externally. We thereby focus on two main elements of defense to interact with the physical facilities and infrastructure in need of protection against any external pressure.
01 Our Physical Defense Process Begins With
Threat mapping —
- Access roads
- Perimeter fences
- Workspaces
- Public areas
- and more…
Identity verification —
- Cameras (visible and covert)
- Low voltage systems
- Alarm systems
- Biometric systems
- Access control systems
- Various Sectors
- The prevention and detection of listening (eavesdropping)
and more…
02 The Cyber Intelligence Dome
Optimizes the information fathered on relevant cyber security threats against the physical facilities and infrastructures, those of which come from —
- Computers
- Cell phones
- Data Networks
- Wireless Networks
- Smart Vehicles
and more…
Every connected element of the physical dimension is monitored by us in 24/7 cyberspace.
Obsidian accompanies the organization’s management in writing procedures and security policies that reflect on company and management policies, which are reflected on how the company, employees, suppliers, and customers should behave. We believe that an organization that adopts proper practices can reduce the number of threats drastically by following mandatory protocols and safety measures. This ensures that our services can be conducted and integrated with minimal disruption to your business’s routine.
Personal or Company Due Diligence
Thanks to our extensive search capabilities we can identify red flags, some of which include: legal references, social media behaviors, and examining personal and company relations that can affect your organization.
Thanks to our extensive search capabilities we can identify red flags, some of which include: legal references, social media behaviors, and examining personal and company relations that can affect your organization.
How do we go about it? Our service is performed by using open-source information, along with dedicated data sources, Modus Operandi of the intelligence service community while being tightly controlled by legal process to allow our analysts to compile a complete intelligence image. We finalize our findings by conducting a customized report according to your requirements, for your benefit.
Background Checks
Whether you’re hiring new employees or seeking information about a particular subject, our research focuses on obtaining information legally via open sources.
Whether you’re hiring new employees or seeking information about a particular subject, our research focuses on obtaining information legally via open sources.
Our Research Includes
- Legal examinations (rulings against them, or their involvement in a lawsuit)
- Research on any companies owned by the subject
- Social connections and collegial relationships
- Locating more virtual entities of the subject, including usernames and activity in forums, and covert social media profiles
- CV verification is based on open sources on the web
Obsidian can also offer more, depending on the client’s requirements.
Intelligence Reports
Get updated and re-informed with our Intelligence Reports, where we keep you in the loop on what you need to know such as identification of security risks, reports and more.
Get updated and re-informed with our Intelligence Reports, where we keep you in the loop on what you need to know such as:
- The identification of security risks or business threats to you
- A follow-up of a continual update of cities and countries with which you or your business conducts its operations.
- Reports can be either ad-hoc or on a frequent basis with absolute discretion and be customized according to the client’s specifications.
Cyber Threat Intelligence
The objective of CTI is to provide information on cyber adversaries and prevent and mitigate cyberattacks through the study of threat data. Obsidian is are actively aware of the organized hacking groups and threat actors and monitors the Deep & Dark Web, along with business competitors.
The objective of Cyber Intelligence is to provide information on cyber adversaries and prevent and mitigate cyberattacks through the study of threat data. Our systems are actively aware of the organized hacking groups and threat actors in the Deep & Dark Web, along with business competitors who are all becoming more aware and capable of causing damage to your organizations’ assets and reputation. In relation, we’ve conducted a list of reports which consist of:
- Assembling the company’s digital footprint
- Detecting corporate & personal credentials in data breaches and data leaks
- Brand and Domain monitoring
- Public access to sensitive corporate data
- Intel on risks or planned attacks on the security of your company and perimeter defenses.
- Monitoring within the communities of specific threats and fraudulent methods
- Organizing the knowledge on new attacking methods and the various campaigns running in the underground
- Client sector and Market specific reports
- Conducting CYBER-HUMINT operations to retrieve sensitive information
Our Services Include
- Intel for new sophisticated attacks on the market
- Intel for attacks that risk the client’s security and permitter defenses
- Intel for a new database that was hacked and consists of the client’s credentials
- Intel for planned attacks on the company
- Our line of safety is to conduct the research, analysis, and solution to face the threat of cyber intelligence.
Know Your Client (KYC)
Our KYC reporting is catered to our financial institution clients to protect them from potential customers or entities involved in fraud, corruption, money laundering, and terrorist financing. Our methodology utilizes extensive identity verifications and comprehensive tests on the subject based on broad sources on the Clear, Deep & Dark Web.
Our KYC reporting is catered to our financial institution clients to protect them from potential customers or entities involved in fraud, corruption, money laundering, and terrorist financing. Our methodology utilizes extensive identify verifications and comprehensive tests on the subject based on broad sources on the Clear, Deep & Dark Web.
In addition, we also identify subjects based on:
Watchlists —
- OAFC Sanctions List
- NCA Wanted List
- List of the Council of the European Union
- EU Financial Sanctions
- United States Department of Justice
- FBI Wanted List
- PEP List — Politically Exposed Person
- Negative Information and Advertising — search engines, articles, journals, and news sites
High-Risk Countries (list of countries under sanctions) —
- HMT
- EU
- UN
- Austrac
- OAFC
- Basel Governance
- International Transparency
VIP Services
Obsidian is all about maintaining your privacy and exposing all vulnerabilities to offer you peace of mind. As part of our service, we can monitor all your activities and mentions on websites, social networks, and more as we gather that information and apply it to other family members who might be at risk.
01
Obsidian is all about maintaining your privacy and exposing all vulnerabilities to offer you peace of mind. As part of our service, we can monitor all your activities and mentions on websites, social networks, and more as we gather that information and apply it to other family members who might be at risk.
02
You will be able to know what’s been written and said about you all across the Internet and the Dark Web at any given moment in real-time. You’ll be alerted at your convenience to any threat or offensive content under your name, keeping you up to date with timely reports that indicate any potential harm.
03
Our process offers you a dynamic active defensive service that places the monitored entity, the client, and their brand at the center of an in-depth examination across networks at different levels.
04
Finally, we provide you with daily scans, and status reports using an implementation of sensors on networks and databases on the Internet and the Deep & Dark Web.
