Key Benefits
- Harden your enterprise email system to prevent unauthorized access.
- Improve your response to BEC attacks.
- Lower the likelihood and impact of email-based attacks.
BEC Incidents Represent Nearly a Third of the Incidents Investigated by the Unit 42® Incident Response Team in 2022
The Unit 42 BEC Readiness Assessment has three tiers designed to match your organization’s needs.
Tier 1: BEC Readiness Assessment
Security Configuration Assessment
Outcomes: Improve your organization’s ability to prevent BEC and other email-based attacks.
Services: We perform an in-depth technical review of the security configuration of your email environment, leveraging multiple hardening standards and battle-tested best practices.
Deliverables: We’ll provide a report of control enhancements and recommendations for your organization to better prevent BEC and other email-based attacks.
BEC Tabletop Exercise
Outcomes: Improve your organization’s ability to quickly and effectively respond to a BEC attack.
Services: We’ll design and facilitate a BEC attack Tabletop IR Exercise based on the thousands of investigations our IR team has performed to test your readiness with a simulated attack and help you practice IR processes and workflows.
Deliverables: We’ll provide an after-action report with recommendations for policy and process improvement.
Unit 42 Retainer with 250 Credits for Incident Response
Outcomes: Extend your IR team’s capabilities by putting the world-class Unit 42 IR team on speed dial with SLA-driven response times. Improve recovery times and the efficacy of IR.
Services: Your retainer hours are valid for one year and can be used for IR services or proactive cybersecurity advisory services as needed.
Deliverables: What we provide will vary depending on the service request.
Tier 2: Email Compromise Assessment (Includes everything in Tier 1)
Email Compromise Assessment
Drawing on our deep expertise in responding to BEC and other email-based attacks, the Unit 42 Email Compromise Assessment identifies evidence of historical or ongoing compromise in your email environment. Unit 42 IR experts analyze account logs and telemetry to search for unauthorized access, including rule creation and data exfiltration:
Outcomes: Gain visibility into suspicious email account activity and take action to secure your email environment.
Services: Unit 42 IR experts analyze account data to identify IoCs and hidden threats.
Deliverables: You’ll get a report with findings and recommendations for control enhancements based on empirical observations, configuration settings, and opportunities to reduce your attack surface.
Email Attack Readiness Benchmark
Outcomes: Identify gaps in your defenses before the threat actors do and increase security awareness.
Services: The Unit 42 Offensive Security team launches a targeted spear phishing attack against high-value targets in your organization.
Deliverables: Report of results and recommendations for control enhancements.
BEC Incident Response Playbook
Outcomes: Improve your ability to respond to and recover from email based attacks.
Services: The Unit 42 Security Consulting team reviews your existing IR processes and recommends a best practice playbook based on your specific environment and capabilities, including our extensive experience responding to email-based threats.
Deliverables: Tailored BEC incident response playbook.
Tier 3: Purple Team and Cyber Awareness Enhancement (Includes everything in Tiers 1 & 2)
Email Attack Purple Team Exercises
Outcomes: Increase security awareness. Validate and improve your defenses against advanced email attacks.
Services: The Unit 42 Offensive Security team targets your email accounts and conducts a custom-designed campaign of advanced email-based attacks, including credential theft, phishing, and other advanced attack methods.
Deliverables: Receive reports of the results of each simulated attack and training and control enhancement recommendations.
Cyber Awareness Training Enhancement
Outcomes: A cyberaware workforce, informed of today’s advanced threats and their role in preventing cyberattacks.
Services: We deliver cyber awareness training tied to the outcomes of your Purple Team Exercise and tailored to your industry vertical, sensitive information assets, and key functional roles throughout the organization.
Deliverables: Get a live training session via webinar.
Approved by Cybersecurity Insurance Plans
Unit 42 is on the approved vendor panel of more than 70 major cybersecurity insurance carriers. If you need to use Unit 42 services in connection with a cyber insurance claim, Unit 42 can honor any applicable preferred panel rate in place with the insurance carrier. For the panel rate to apply, just inform Unit 42 at the time of the request for service.
Under Attack?
If you think you may have been compromised or have an urgent matter, please contact Unit 42 Incident Response team, email unit42-investigations@paloaltonetworks.com or call North America Toll-Free: 866.486.4842 (866.4.UNIT42), Europe, the Middle East and Africa: +31.20.299.3130, United Kingdom: +44.20.3743.3660, Asia-Pacific: +65.6983.8730, or Japan: +81.50.1790.0200
About Unit 42
Palo Alto Networks Unit 42® brings together world-renowned threat researchers, elite incident responders, and expert security consultants to create an intelligence-driven, response-ready organization that’s passionate about helping you proactively manage cyber risk. Together, our team serves as your trusted advisor to help assess and test your security controls against real-world threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time so that you get back to business faster.
Please visit paloaltonetworks.com/unit42 to learn more.