Indicator of Compromise Assessment

Our indicator of compromise assessment utilizes our extensive experience within cybersecurity to identify potential malicious compromise signatures that may already exist within your network and systems. This allows us to give you key insights into your environment to assess whether your organization may have already been the victim of a cyberattack.

The Schneider Downs cybersecurity team employs a comprehensive approach to cybersecurity and proactive incident response services that are part of our overall strategy to secure our clients’ networks and key systems. Below are some of the checks that are provided with an indicator of compromise (IOC) assessment:

  • Antivirus log analysis
  • Network device log analysis
  • Web filter log analysis
  • Windows event log analysis from key servers or endpoints
  • Forensic artifacts review of critical Windows systems
  • Cloud log analysis (e.g., Azure, AWS, or O365)
  • Intrusion Detection System (IDS)/Intrusion Prevention System (IPS) log analysis
  • Security Information and Event Management (SIEM) log analysis
  • Email security appliance or software log analysis
  • Network device firmware integrity checks
  • Access point (AP) log analysis
  • Sensitive application/web security log analysis

While the primary goal of the assessment is to determine if there is already a compromise of critical systems, Schneider Downs will also provide a security architecture review and recommend improvements to improve the multiple layers of security protecting your organization. This includes reviewing the following items, leveraging our extensive client experiences:

  • Web filters
  • Antivirus products
  • SIEM products
  • IDS / IPS (integrated firewalls or standalone devices)
  • Data Loss Prevention (DLP) Software
  • Email Security Products
  • Cybersecurity User Education
  • Network Architecture
  • DMZ Architecture
  • Patch Management
  • Windows Event Logging Analysis

case studies

 
big problem:
Ransomware attack halted a global manufacturer's operations.
big thinking:
Recover and secure the system – fast – save $1 million in ransom.
 
big problem:
High tax burden for family-owned franchisor.
big thinking:
Comprehensive planning for a 15% tax reduction.

our thoughts on

Crown Prince Mohamed and Jeff Bezos’ Rocky Relationship Leads to Hack, Murder

Against the backdrop of strengthened relations between the United States and Saudi Arabia over the past few years, relations began between Saudi Crown

read more >

NSA Makes Unprecedented Vulnerability Disclosure - Microsoft Vulnerability CVE-2020-0601

Microsoft’s Patch Tuesday has come again and, with it, another highly publicized vulnerability, CVE-2020-0601. This week’s notification is

read more >

New Orleans Under State of Emergency Due to Ransomware Attack

The city of New Orleans continues to operate under a state of emergency following a devastating ransomware attack. The hack was discovered in the early

read more >

Wawa's Data Breach

Reset the days without a major data breach back to zero. In the constantly evolving world of cybersecurity, it doesn’t look like the phrase above

read more >

Brian Krebs Sheds Light on Cybercrime at Pittsburgh’s Premiere Cybersecurity Event

On December 9, 2019, I was honored to represent the Pittsburgh Chapter of ISACA and Schneider Downs as the leader of Pittsburgh’s Information Security

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102