Data Egress Risk Assessment

    CONTACT REQUEST

    RISK ASSESSMENT

    Do you know where your data is going?

    Audit your egress data to discover exposures to potential data theft.

    Why this matters!

    The first step to eradicating data theft is understanding where your data should NOT be going to. This includes application data both from users and from servers.

    Our pen test style audit identifies all applications found to be transmitting data, where it is going, and what are the potential risks for data theft:

    – theft from misconfigured applications
    – theft via non-approved applications (eg personal cloud storage)
    – egress traffic at risk from spoofing attacks
    – egress traffic at risk from poisoning attacks
    – egress traffic at risk of transmission out-of-country
    – data at risk from insider attack
    – data at risk from hacker attack
    – data compromised by malware (bots, ransomware, spyware, etc)

    Our discovery audit can include user devices as well as servers, to assess:

    + Is sensitive application data GOING DIRECTLY to the vendor?

    + Are update requests GOING DIRECTLY to the vendor?

    + Discover NON-BUSINESS applications transmitting data

    + Discover UNKNOWN/COVERT applications transmitting data

    COMPLIANCE ASSESSMENT

    Prove where your data is going!

    For ISO27001 / ISO27701

    ISO27001: Information Security and ISO27701: Privacy Management both mandate controls for data transfer, data protection, and third party data sharing.

    Our compliance audit provides you with evidence to demonstrate to your ISO assessor that you monitor egress data from user devices and servers, and that you know where it is going to.

    Our compliance audit can include user devices as well as servers, including:

    + MICROSOFT applications’ egress data

    + MICROSOFT applications update requests

    + THIRD PARTY applications’ egress data

    + THIRD PARTY applications update requests

    + ROGUE/COVERT application discovery

    Why ZORB?

    Traditional network-level pen tests link destination IPs with the source device.
    We correlate outbound application traffic to vendor domains, by source device.
    This means we provide much more detailed observations about where data is to, and where it should be going.

    APPLICATION LAYER

    Our NINE-STAGE assessments uncover issues that may expose your data to theft, before it happens.
    This means we identify future potential for internal theft, as well as potential exposure to external actors.

    POTENTIAL THEFT

    Application data found not to be going to its vendor is assessed for malicious intent and crosschecked with known compromised endpoints.
    This means we can detect theft already in progress by hackers, insiders or malware.

    ONGOING THEFT

    Any devices you wish can be included in our audit.
    From Microsoft devices such as PCs, to Linux OS devices such as servers or OT hardware.

    ANY DEVICE