Assessments and Tests

Be cyber confident.

Designed with our Intelligence Driven Defense® methodologies as the foundation, our comprehensive set of cybersecurity assessments and testing services can be tailored based on your business needs and your organization's threat profile.


Cybersecurity Assessments and Tests

We provide detailed assessments of the effectiveness your cyber defense and resiliency when measured against likely cyber threats. Assessments and tests are in separable modules that can be alighned to your current needs. Specific gap mitigation steps to further reduce potential cyber incident risks will be recommended based on our findings.

Assessments, testing and subsequent recommendations are based on our broad and deep cybersecurity experience using proven market leading methodologies, including Intelligence Driven Defense® and Cyber Kill Chain® and current industry standards and best practices such as NIST, NERC CIP, ISO, DHS, and DoE to name a few.


Leidos cybersecurity assessments are the best way for companies to learn where they stand as security practitioners. Organizations receive:

  • Quantifiable scores
  • Tailored guidance from experts in the Computer Network Defense industry
  • Contextual intelligence on outpacing your adversaries

Three core cybersecurity assessments to support your Intelligence Driven Defense® strategy:

Essential Processes

Core Security Framework Assessment

Recommended for any organization defending IT/OT systems and processes against broad-based cybersecurity threats. The Core Security Framework assessment evaluates and measures the level of cybersecurity implementation across the 5 functions and 22 categories of the NIST Cybersecurity Framework to establish a cyber defense baseline and benchmark your organization against industry peers. Provides a strong foundational assessment for the full Intelligence Driven Defense® Assessment.


Defense Maturity Baseline

Intelligence Driven Defense® Baseline Assessment

For organizations protecting critical infrastructure or high-value assets that would attract advanced adversaries such as the Advanced Persistent Threats (APT), insider threats, or sophisticated cyber criminals. Evaluates and measures the organization’s alignment with the Intelligence Driven Defense® framework across 15 key evaluation domains.


Supplementary Assessments and Tests:

Review Architecture & Technology

Technology Vulnerability Assessment and Testing

This assessment consists of documentation reviews and analysis, supplemented by targeted physical inspections to determine the completeness and adequacy of security controls used in the design and implementation of an organization’s networks as well as its IT/OT architectures, systems, operating processes, and applications. It also identifies potential weaknesses in system architectures, configurations, vulnerability management programs, and application development.


Objective Penetration Testing

Penetration Testing

Technical testing from either inside or outside the organization’s perimeter. Penetration testing services are designed to systematically identify and remediate security weaknesses in the organization’s most critical systems and applications. Penetration testing provides objective evidence of system resiliency and hardening through the application of adversarial tactics.


Benchmark Defense Capabilities

Advanced Persistent Threat Simulation Testing

We assess the organization’s capability to detect, monitor, and mitigate advanced threats at each step of the Lockheed Martin Cyber Kill Chain®. Unlike penetration testing, which focuses on achieving an objective such as ‘gain domain admin privileges’ or ‘access a protected network’, APT simulation utilizes a broad spectrum of cyber adversary tactics, techniques, and processes (TTP). This testing examines two factors for each scenario: 1) did the tactic/technique/process work in the client’s environment, and 2) was anyone in the client’s enterprise alerted to the activity (whether it was successful or not)? A typical APT simulation involves dozens of test scenarios, and is a very effective way of benchmarking an organization against real-world adversary tactics.


Talk to a cybersecurity expert today.