AWD Security Services

Service Background

Cyber-attacks driven by economic interests are growing in an all-round way, from individual threats and small team attacks to organized and specialized attacks.
Most security devices cannot effectively detect deep APT attacks, and attackers may also use social engineering attacks, close-source attacks , supply chain attacks and other means to bypass traditional border protection.
In recent years, China has organized many large-scale offensive and defensive drills. Even if the participating units have done various security compliance inspections, the dropout rate is still high. The construction of the protection system based on actual combat and the effectiveness test have become the security shortcoming that the organization urgently needs to make up for.

Service Introduction

The Red Side (Attacker)

Jingan Technology has many years of experience in the field of red-blue confrontation and has accumulated rich experience in social engineering attacks, near-source attacks, and upstream and downstream attacks in addition to conventional boundary breaching methods. Competitive Security Technology's security service solutions focus on results, but also focus on the process, and will provide full analysis of all potential risks in the attack chain and provide recommendations for rectification.

service list
Red Team Test Attack	Network Penetration & Application Penetration (Remote) -> Vertical Penetration (Remote) -> On-Site Review (On-site ) -> Red Team Summary Report (Remote) -> Vulnerability retest (Remote )
Sorting Out the Exposure of Internet Assets	Collect data including organizational structure, IT assets, sensitive information leakage, supplier information, etc., and analyze risks in all aspects (remote)
Email Risk Detection	Collect email addresses exposed on the Internet, and conduct attack tests on email accounts such as password blasting, password retrieval, and service attacks (Remotely)
Upstream and Downstream Attacks	Under the authorization of all parties, carry out red team attack testing operations (remote) on upstream and downstream, branches, supply chain enterprises, partners, etc.
Social Engineering Attack	By sending phishing emails, IM chats, watering hole attacks and other social engineering methods, enterprise employees can open a breach into the system and the intranet (remotely)
Assessment of Near Origin Attacks	Carry out attack tests such as identification bypass, device remote control attack, fake WIFI phishing, access control cracking, and near-source physical intrusion at the customer site, with the purpose of bypassing identification, sniffing important information, obtaining system permissions, and obtaining employee information. (On site)

Blue Side (Defensive Side)

Jingan Technology has made great achievements in the national large-scale offensive and defensive drills for many times, and has unique insights into the construction and effect testing of the actual combat-based protection system, and has helped many leading customers in the industry to establish a defense-in-depth system.

Service Content

Attack Chain Analysis

In view of the tight timeframe of the exercise, fully combine various basic security checks and core business/critical node asset lists as well as professional red team attack test summaries to output kill chain summaries and risk convergence recommendations to quickly converge significant risks that can be exploited by attackers in a short period of time.

Security Equipment Validity Verification

Do a comprehensive physical examination of security equipment, and test from the two aspects of traffic collection coverage and protection strategy effectiveness, so as to avoid security equipment from having "shape" but not "spirit"; and assist customers to complete security strategy optimization to ensure the detection coverage of security equipment, to rationalize the detection capabilities of submitted Security equipment.

Blue Team Workflow Development

With rich experience in large-scale confrontation projects, combined with the actual situation of customers, formulate the best practice process that fits the customer's situation, break the communication barriers of all parties through collaboration, and complete the efficient handling of security incidents.

Core Business /Key Node Asset Sorting

List of core business/key node assets that will be focused on by attackers in actual combat is output.

Summary of Techniques and Tactics

After the offensive and defensive drills are over, Jingan Technology can assist customers to review the defensive gains and losses of Internet exposure reduction, phishing email protection, on-site social engineering protection, 0Day vulnerability protection, VPN protection, big data protection, target protection, etc., and check and dispose of them. Effectiveness and process availability, and put forward security reinforcement suggestions, and output the "Technical Warfare Report" and "Blue Team Summary Report".

Attack Source Tracing and Countermeasure

Jingan Technology has strong technical strength in attack traceability and countermeasures based on the industry's leading deception defense technology. We can trace the identity of the real person, countermeasure the attacking team members and obtain their personal computer privileges in the attack and defense exercise activities, thus assisting customers to establish an effective traceability and countermeasure system to turn defense into attack and overcome the enemy in the attack and defense exercise activities.

Service Advantages

Jingan Technology, as an expert in attack and defense in the new situation, has accumulated and precipitated security capabilities that have been verified through many real-world battles, both from the attacker's and defender's perspectives.
We have mature enterprise level red-blue confrontation experience, with successful cases all over the government, central enterprises, finance, operators, tobacco, energy, and power and other industries.