Simulation & Modeling Services
Everything we do begins with a threat model.
Threat Modeling is identifying security concerns through the process of reviewing architecture, implementation, and deployment of systems. The term “system” is used broadly with complexities ranging from networks with 500,000 endpoints to a single embedded device or a door lock. As they relate to cybersecurity, truly useful models are a blend of computer science and intuition.
Incorporating our knowledge of well-known and emerging threat actors, 23p will work with your organization to mitigate critical security issues without exploitation. Our approach incorporates Threat Modeling methodologies such as STRIDE and DREAD along with guidelines such as MITRE ATT&CK or cyber kill chain. Along with these commonly used guidelines and methodlogies, 23p uses modeling capabilities developed in-house.
Threat Modeling
Threat modeling is a core component of any effective offensive security assessment.
Tabletop exercises offer an opportunity to practice responding to complex attacks that go beyond information technology and information security.
Developing comprehensive tabletop scenarios involves a thorough understanding of our customer’s mission and known threats. The experiences of our staff informs the types of scenarios we create for tabletop exercises. Highly consultative, tabletop exercises begin with a discussion of your organization’s primary concerns and conclude with custom scenarios.
The scenarios we develop and deliver to your team include a holistic understanding of roles and responsibilities across departments. In practice, the complexity of a security event may require assistance and support from a variety of staff across your organization.
With 23p, your organization gains the tools and experience necessary to enhance readiness and foster a culture of proactive and cohesive response to digital threats.
Increase the overall value of tabletop exercises with our Live Fire Replay™ training solution.
Tabletop Exercises
23p’s tabletop exercises are discussion-based sessions where team members roleplay various information security scenarios.
