Starting with entry-level options such as End Point Protection and Mobile Device Management and extending through to Web Application Firewalls and Threat Detection systems, clients have access to Trust Systems’ security experts in the Security Operations Centre (SOC), removing the worry of trying to understand security and what the business should be doing.
- Budget Friendly: OpEx payment model, no expensive staff, no software to buy
- Faster notification of security breach with continuous vigilance across the business
- Increased Security with comprehensive solutions for the whole business
- Increase expertise with access to certified security experts
- More time to spend on other important IT issues
- Low cost entry point with MDM or EPP
- Secure all devices – Cloud – AWS, Azure, Virtual, Servers, BYOD, Office365
- Security Technologies – Encryption, DLP, Vulnerability assessments, Threat Management, Intrusion Prevention, Firewalls, Anti-Phishing, Ransomware detection, Identity Management
- Compliance and Regulatory reporting
- 24 x 7 x 365 monitoring and support
No system is secure. With the best will in the world you can never ensure that every system is patched, that employees won’t click links and that code isn’t vulnerable. Can you be 100% certain you haven’t already been hacked? The first step to preventing a cyberattack is understanding the attack path. Our goal is to provide you with a service that will help you understand where that attack path lies, detect threats in real time and alert you in order to secure your systems against them.
Can you answer the following questions?
- Do you know how often your servers are being attacked?
- Do you know who is attacking your servers and what part they are targeting?
- Do you know if an employee has opened some Malware that is installing Ransomware?
- Do you know if your staff are browsing the Darkweb?
- Do you know which of your servers have vulnerabilities?
Why do you need to worry? Types of hackers and their motives
- Script Kiddie – does it for ‘fun’ and to show off to their peers. Not that skilled but has lots of time to spare.
- Hacktivist – does it for ‘the cause’. Specific targets/sectors and wants to go public.
- Employee – does it for ‘revenge’. Can be harder to detect.
- Cyber criminal – being paid or can sell the information. Tries to stay undetected to exfiltrate as much data as possible.
- Cyber criminal – utilising your resources for C&C, storage (illegal) or DDoS
- Understanding – have visibility of the threats that are trying to exploit your systems so you can defend against them.
- Protection – protect your systems by implementing solutions based on knowledge not guesswork.
- Confidence – know that you are secure with regular vulnerability scanning and reporting.
- Knowledge – track which members of staff are logging in to the system.
- Expertise – gain access to expertise to help keep your systems secure.
- Focus – allows companies to focus on the core business rather than fretting over the day-to-day running of existing systems.
- Awareness – If your systems are compromised, you’ll know immediately, not 8 months later.
- Advice – keep up to date with the latest threats
- Reporting – monthly reports detailing threat intelligence
Without a threat intelligence system in place, you are at considerable risk. When a breach of the network takes place, it will be extremely difficult to detect a compromise unless the attacker wants you to know, at which point it is too late to react and it will be very difficult to provide an audit trail.
ThreatDetect will monitor all your systems and networks for known attack paths, correlating disparate events in order to detect threats and exploits.
In order to implement ThreatDetect and have full visibility of threats within the network, the network traffic has to be captured and, optionally, device logs have to be forwarded. This requires a network ‘span’ to be available either on a core switch or firewall, agents to be installed on servers and syslog to be forwarded to the ThreatDetect appliance. The appliance can be virtual or physical. A VPN is then created for secure encrypted communication to the Trust Systems SOC.
Trust Systems SOC engineers will manage the deployment and installation. Over a 2-4 week period the SOC team will tune and configure the solution to eradicate false positives and structure the alarms in accordance with the client’s requirements. Additionally, the alarm escalation process will be defined with the client.
Should an alarm be triggered, the SOC team are notified via multiple channels. An engineer will be designated as the lead investigator. If the threat is of sufficient criticality, the client will be contacted following the escalation procedure. If the threat is deemed irrelevant, the client will not be contacted.
Monthly reports will be produced detailing the current internal and external vulnerabilities that are present in the client’s infrastructure. A Trust Systems SOC engineer will review the reports and arrange a meeting via Webex with the client to discuss possible improvements to the infrastructure, thereby reducing the attack surface.
Contact us today for a free 30 day ThreatDetect trial and get notified of what’s critical to you and see what goes into a report to help you close the gaps faster and more efficiently.