Adversary Simulations

What is an Adversary Simulation?

An attack simulation is a realistic simulation of a real attack, which takes into account not only technical but also human security factors, which are not included in conventional pentests. All digital and analogue processes from the IT security management of a company are put to the test and an attempt is made to access sensitive information in every conceivable way and as undetected as possible. In this way, you gain valuable insights, from prevention to detection to reaction, and achieve a sensitization of the responsible employees. A pentest or cloud audit, on the other hand, should uncover as many vulnerabilities and configuration problems as possible, exploit them and determine the risk level. All identified security problems are presented to the customer together with an impact assessment, a proposal for risk reduction or a technical solution.

Our APT Simulations

Attack simulations (often also APT simulations) are very individually designed by us and the framework conditions must always be defined in close consultation with the customer. Basically, we classify e-mail spear phishing into two categories, whereby e-mail spear phishing is often also carried out as part of a Red Team Assessment.

Red Teaming

Red Teaming emulates a malicious actor actively attacking and trying to escape detection, similar to an advanced and persistent cyber threat.

Learn More

E-Mail Spear Phishing

Phishing attacks are very focused and sophisticated in that they are not classified as such by the security infrastructure or the spam filter. The last line of defense is then the employee.

Learn More

Before an attack simulation, a Cloud Security Assessment or Pentest is recommended.

References

Companies that trust our expertise.

Frederik Vollert
Managing Director & Co-Founder of Phrase
turingpoint conducted a web penetration test on the Phrase.com website and API as an external system audit as part of our Information Security Management System. The team conducted the tests in a highly professional manner, identifying a number of potentially malicious exploits and security enhancements through libraries, the application of security protocols and the browser level. The report helped us identify current strengths and weaknesses in our security architecture and resulted in changes to our code base to minimize security weaknesses. We look forward to our next penetration test with turingpoint!
Dr. med. Christoph Twesten
Founder / CTO – MillionFriends
Perfood GmbH address several diseases and predeseases with digital therapeutics. The portfolio includes medical products and DIGAs (digital health application under the German Healthcare Act). IT Security is a very important aspect of our business. In April 2020 turingpoint conducted a penetration-test on the API of our backend as an external system audit as part of the certification process for one of our medical products. In July 2020 we consulted turingpoint for a global Cybersecurity audit including our mobile app, backend, website and aspects of IT security in our office in Lübeck. The team conducted the tests in a very professional way and was a great help in finding potential threats and optimize the security of our system. Turingpoint also reviewed the architecture of our backend setup and helped us to design this critical part of our infrastructure in the most secure way. We are very satisfied with the results and looking forward to our next project together!
David Holetzeck
CEO – Table of Visions
Our expectations regarding quality, customer service and the execution of the penetration test and the hosting security check were exceeded and we can recommend the team of turingpoint GmbH without any restrictions. If you are looking for a service provider who prepares documents in such a way that everyone can understand them and provides advice on how to solve problems, turingpoint is the right partner for you.