Every organisation in the UK faces the difficult challenge of mitigating against the ever-increasing risks associated with cyber crime. Cyber attacks use advanced technology to exploit the vulnerabilities in your IT system to steal confidential information and disrupt your essential operational activity.
Effective cyber security requires a holistic, integrated approach that involves the identification, detection and removal of cyber threats. It requires the continual update of preventive measures (controls) and regular testing to ensure that these measures are working correctly.
Effective cyber security also requires skilled IT professionals to install, manage and report to senior managers. Outsourcing your cyber security to a trusted Managed Security Service Provider (MSSP) delivers the security expertise and technology required, with minimal impact and a reduced cost to your organisation.
CYBERSHIELD MDR-COMPLETE is designed to deliver effective and comprehensive cyber security for an organisation of any size. Functioning as your company’s own 24/7 cyber security operations centre, CYBERSHIELD MDR-COMPLETE monitors critical network infrastructure and endpoint assets, proactively hunting for threats and providing actionable remediation when required. It also includes protection for all laptop and mobile devices which are used remotely away from the office.
This fully managed service combines the benefits of the CYBERSHIELD MDR-ENDPOINT & MDR-NETWORK packages with additional email protection, cloud security, security policies, external vulnerability scanning, penetration testing and application whitelisting.
CYBERSHIELD MDR-COMPLETE is deployed in minutes and is continually monitored by our analysts who report on and mitigate any potential attacks immediately. Routine scanning and penetration tests are used to identify system vulnerabilities. The results of testing together with our recommendations for remedial activity are delivered in reports at regular intervals.
For a full list of package features, see the MDR-MATRIX product comparison.
MDR-COMPLETE is the ultimate CYBERSHIELD package that we offer. It includes a full range of features, works perfectly in any network environment from on-premise to full cloud deployment, and fully monitors remote workers no matter where they are. MDR-COMPLETE is our flagship service, and with good reason. If you would like to find out more or to discuss your requirements, please get in touch.
SIEM & Log Management
Our Security Information and Event Management (SIEM) is at the heart of our CYBERSHIELD platform and allows our 24/7 SOC to monitor your assets, network, infrastructure and applications. Our SIEM goes far beyond a traditional SIEM solution and allows us to search and visualise your security data, which cuts investigations down to hours, not months, and allows for 20x faster investigations and incident response.
Our platform comes fully loaded with the latest deception technology, which includes honeypots, honey files, honey users and honey credentials. This allows us to monitor critical file locations as well as the endpoints: we inject fake credentials onto endpoints to deceive attackers, and we are alerted when those credentials are harvested and used.
User & Attacker Behaviour Analytics
User Behaviour Analytics (UBA) allows us to reliably detect attackers masquerading as company employees. Attackers are now compromising assets not only via malware, but by moving laterally between them using stolen credentials. Attack Behaviour Analytics (ABA) is a human problem that can only be truly defeated by humans. Our expert analysts working in our SOC live and breathe attacker behaviour every day. Our analysts craft new detections to catch attacker behaviour based on their findings, and this evolving library is included in CYBERSHIELD.
Patch management is the single most important step in securing your network, and it’s vital that all assets and the supporting infrastructure are kept up to date, because unpatched software is one of the easiest ways to get compromised. We have full vulnerability and patch management programs to ensure we are continuously scanning and have the ability to deploy patches within minutes when new threats are found.
Endpoint Detection and Response (EDR)
CYBERSHIELD MDR-ENDPOINT employs an Endpoint Detection and Response (EDR) application to record endpoint system-level behaviours and events. Using known indicators of compromise (IOC) and behaviour analytics techniques, the EDR software continually searches the data to identify early signs of attacks.
Real-time Live Response
Our platform features industry-leading detection and response capabilities that reveal threat activity in real time, so we can respond to any type of attack as soon as it’s identified. We can visualise every stage of the attack to uncover root cause in minutes. The ability to isolate hosts, blacklist applications or terminate processes are just a few of the built-in tools at our disposal.
It is a problem when you don’t know who and what is on your network and cloud environments and how those assets are configured. It is vital to know who and what is accessing the network at all times, and being able to answer this question is a big step in the right direction to staying protected. Our technology uses active and passive techniques to identify assets and all associated information.
Intrusion Detection System
Network Intrusion Detection is applied at the network and asset level and allows our SOC to hunt for known and unknown threats such as polymorphic worms. Our IDS, driven by intelligence feeds, can hunt for known and unknown threats, and this is backed up by our highly skilled analysts, who are constantly hunting for new types of attacks and indicators.
Continuous Vulnerability Scanning
We run continuous vulnerability scans of your entire network which include all assets whether they are inside or outside of the network. Assets outside (remote workers) are always included in these scans thanks to our insider agent that keeps all assets connected 100% of the time. These scans are vital and work with our patch management program in order to keep all assets up to date and ensure there are no weaknesses within your environment.
Dark Web Monitoring
Out of the box, our CYBERSHIELD platform monitors your corporate domain and alerts us to compromised credentials found on the dark web. We take this a step further: through various partners, we have solutions that allow us to continuously monitor the inaccessible places of the dark web for information pertaining to your organisation, so that we can be alerted and take action.
Next Generation Antivirus (NGAV)
Cyber attacks have grown more advanced, and traditional signature-based antivirus software is no longer effective. Today’s attackers use fileless malware, zero-day exploits and advanced persistent threats. Our Next Generation Antivirus software continuously monitors the processes occurring on an endpoint device and blocks attacks before they compromise your system.
Advanced Threat Hunting
Today’s cyber criminals launch highly targeted attacks to gain valid credentials and become ‘insiders’ within your network. Threat hunting is performed by our experts from our SOC and is the active pursuit of abnormal activity on servers and endpoints that may be signs of compromise. The common approach to intrusions is to respond after getting an alert. But by then, attackers could be inside your systems for months before you know it.
Capture and Analyse
We capture and store all unfiltered data from every endpoint so that we can analyse each event stream in context and uncover emerging attacks that others would miss. We analyse all endpoint activity against signatures, reputation, and 110+ core behaviours used by attackers.
Request more information about our Managed Detection & Response range of services and see how they can help your business.