top of page

Strategic Assessments

TABLETOP EXERCISES (TTX)​

​

Evaluate your threat hunting/detection engineering or incident response plan via scenario-based gameplay

"Our business depends on our ability to react quickly and effectively to security events. The teams were able to discuss their decisions and validate them thanks to the Tabletop Exercises, which were really helpful."
     — CISO, Global Financial Institution

Why Cerbicore


Since 2000, Cerbicore's experience has been at the cutting edge of threat hunting, incident response, and cyber threat intelligence. Our threat analysts and strategists have participated in some of the most difficult operations both in the military and the commercial sector.

We have a deep understanding of both existing and emerging threat actors, as well as their rapidly changing tactics, techniques and procedures.The Tabletop Exercise draws on this expertise to deliver custom scenario injects rooted in real-world experience and designed to address your key business and technical areas of risk.

Overview

The Tabletop Exercise assesses both the executive strategy and technical incident response capabilities of your organization's cyber crisis processes, tools, and response to cyberattacks. To examine the organization's simulated actions and judgments in reaction, Cerbicore consultants add a variety of scenario injects based on real-world experience during each exercise.

Approach

Before starting a tabletop exercise, Cerbicore experts first gain an understanding of the threat profile, operating environment, and particular areas of concern for the client firm. With the help of key personnel, we organize an on-site workshop where we introduce dynamic scenario injects based on the behavior, methods, and strategies used by attackers that we have seen while doing threat hunting and/or incident response work.

We monitor gaming to assess how simulated actions and choices align with or deviate from the organization's written policies and procedures and the incident response best practices highlighted by Cerbicore experts during the exercise.

BENEFITS

  • Quick, effective, non-invasive examination

  • Recommendations based on real-world incident response and threat hunting  best practices

  • Identify gaps between documented and expected responses in comparison to what really occurs
     

WHAT YOU GET

  • Executive Brief [PPT]

    • An in-person overview of gameplay,  specifically:

      • Participants’ interaction with the incident response plan (IRP), communications plan(s) and escalation procedure(s) or how the threat hunting program made the connection to the incident response team and worked in hand with other groups to neutralize threats.

      • Lessons learned

      • Strategic recommendations

Security Program

Assessments

Cerbicore has hours of experience every year working with organizations of all sizes to remediate security breaches, identify vulnerabilities that targeted attackers exploit and provide guidance on closing the security gap. The Security Program Assessment draws on our collective expertise to deliver tailored, actionable recommendations to clients that improve your security posture, reduce risk and eliminate the consequences of security incidents.

Executive Threat Briefing


Delivered with the threat intelligence report will be a summary of the assessment's conclusions and suggestions based on the most recent trends Cerbicore experts have noticed in your sector.

Observations and Gap Analysis


The gap analysis, which uses the industry framework as a benchmark, identifies domains that require additional development and presents a maturity plan tailored to each domain that will help you improve your security posture.

Security Program Roadmap and Recommendations

Receive a strategic and tactical action plan that provides recommendations on sequence and prioritization on improving effectiveness across one or more ten domain framework.

Threat Detection Report

​

Cerbicore will correlate your company’s event logs against our propriety library of Indicators of Compromise (IOCs) to identify malicious activity. A detailed report will be provided that summarizes the findings and includes insights into threat actor profiles – if applicable.

Cerbicore’s Approach


Throughout the examination, we'll give a thorough review of the efficiency of your program's overall information security across 10 different security domains. You receive a detailed roadmap of short-, medium-, and long-term improvement strategies for your organization at the conclusion of the engagement.

Documentation Collection & Analysis

 

Cerbicore experts will review existing polices, standards and procedures to gain an understanding of current operational capabilities and the technology and business environment.

Interactive Workshops & Executive Meetings


Based on information gathered, our experts will assess your organization’s maturity levels against best practices and industry standards. We will work with you to identify your organization’s goals and desired end state.

Enterprise Health Analysis


Cerbicore will review your organization security event data using proprietary technology and intelligence to assess whether attackers have evaded your current preventative security solutions and provide a Threat Detection report at the end of the evaluation.

Recommendations & Roadmap


We evaluate all the data collected during the assessment and provide recommendations and an implementation roadmap to achieve the organization’s desired short- and long-term goals.

bottom of page