Deep Compromise Assessment

DeepSeas’ Compromise Assessment Service seeks to identify evidence of an active or historical security breach in Customer’s IT systems by combining threat intelligence analysis, endpoint detection, and advanced threat hunting performed by an experienced team of DeepSeas cyber defense professionals.

The DeepSeas Compromise Assessment includes the following activities:

• Analysis of Customer endpoint systems using Endpoint Detection and Response (EDR) software with the intent to identify evidence of past security threat events, active security threat events, and potentially unwanted system hygiene issues;
• Monitoring and analysis of active endpoint network and process activity using Endpoint Detection and Response (EDR) software; and
• Preparation of a Compromise Assessment Findings Report that will identify compromised systems and related evidence, describe attacker activity and extent of observed compromise, identify potential high risk environment hygiene issues, and describe actionable findings and recommendations to remediate.

DeepSeas will work with the Customer to create an implementation plan, which will consist of deploying EDR technology, integrating EDR technology with the DeepSeas cloud based cyber defense platform, and provisioning necessary access for DeepSeas cyber defense professionals.

1. TECHNOLOGY DEPLOYMENT & PREPAREDNESS (Estimated Duration: 2 Weeks) - Project Plan document will be produced that will detail status reporting, pulse check, working session and draft and final deliverable schedules.
2. THREAT IDENTIFICATION & ANALYSIS (Estimated Duration: 5 Weeks, contemporaneous with Threat Hunting Operations) - Actionable notifications of threat activities that will be provided as alert-based evidence of cyber threats as discovered during the Compromise Assessment.
3. ACTIONABLE RECOMMENDATIONS (Estimated Duration: 1 Weeks) - Weekly status calls will be held on day/time mutually agreed by the parties.

The Compromise Assessment Service will produce the following Customer deliverables:

• PROJECT PLAN - Project Plan document will be produced that will detail status reporting, pulse check, working session and draft and final deliverable schedules. Format: MS Powerpoint
• VALIDATED THREAT NOTIFICATIONS - Actionable notifications of threat activities and will be provided as alert-based evidence of cyber threats are discovered during the Compromise Assessment. Format: Email & Phone Call
• WEEKLY STATUS CALLS - Weekly status calls will be held on day/time mutually agreed by the parties.
• REVIEW OF DRAFT COMPROMISE ASSESSMENT REPORT - Parties meet to discuss findings from the Compromise Assessment to help ensure accuracy prior to finalizing the Final Report. Format: MS Word
• FINAL COMPROMISE ASSESSMENT REPORT - Final Report that will include an executive summary of findings, detailed technical analysis of findings, and recommendations for containment and prevention of future compromise. Format: PDF Document

DELIVERABLE ACCEPTANCE - Customer shall have five (5) business days from its receipt of a Deliverable provided by DeepSeas to review and evaluate such Deliverable to determine whether the Deliverable substantially conforms with the specifications for the particular Deliverable as set forth herein, if any; and if no written acceptance or rejection is received by DeepSeas within such five (5) business day period, the Deliverable shall be deemed to be accepted.