July 31, 2018 | SSS Security Operations Team
Lately it seems that there is a significant data breach reported in the media on an almost weekly basis. One of the most well-known breaches was the data scandal that rocked Facebook just a few months ago. It highlighted the need for companies to make sure they have the IT Security in place to protect the data they have access to.
CERT NZ has released their critical controls for 2018 to help companies mitigate the majority of information security incidents that they have analysed so far. They highlighted that a common tactic for attackers is to exploit known vulnerabilities. In 2017 alone, over 18,000 vulnerabilities were recorded in the United States National Vulnerabilities Database. IT environments are increasingly complex and tasks like patching, are more important than ever. All it takes is a single vulnerability to give attackers the opportunity to compromise your systems.
We have put together a comprehensive set of Security Operations solutions to help you with your efforts to remain out of the headlines.
Effective vulnerability management needs to be part of your regular IT Security efforts
Proactive vulnerability detection and remediation is one of the most important activities you can do to keep your systems safe. To really be effective, it is important to ensure that you are able to dedicate the time and resources into this process. With the ever-changing threat landscape, this cannot be a one-off exercise, but needs to be part of your regular IT Security efforts.
Vulnerability management may seem like a daunting process. But it doesn't have to be. Our vulnerability management service is designed to take the pressure off and to help you manage this process effectively. We can help you stay focussed on the right threats, vulnerabilities and prioritise your efforts.
A comprehensive solution can help you stay on top of your vulnerability management efforts along with providing valuable insight into events in your environment
Our Security Operations solution provides:
- Asset and software discovery and inventory.
- Security intelligence – constant monitoring, analysis and correlation of user behaviour and logs with automated alerts, based on your priority for security incidents.
- Intrusion and anomaly detection and alerting on network, host, wireless and cloud environments.
- Automatically prioritise identified security events.
- Continuous vulnerability monitoring with authenticated and unauthenticated active scanning options.
- File integrity monitoring to monitor changes to critical files.
- Compliance monitoring for PCI DSS.
- Visibility of dashboards, incident details and log information.
The service consists of the following components:
- Platform management and support
- Daily monitoring of service, alerts, system health and dashboards
- Monthly actionable reporting that is customised to suit your needs
- Remediation prioritisation and coordiation
- Incident management and response
- Forensic Analysis
We have combined our expertise with AlienVault's® USM to bring you a powerful Security Operations solution
We've built our Security Operations Service on AlienVault® Unified Security Management® (USM). They deliver built-in intrusion detection systems as part of an all-in-one unified security management console. With AlienVault® you are able to detect threats as they emerge in your critical cloud and on-premises infrastructure. Expert threat intelligence is updated every 30 minutes and analysed. This include data submitted by more than 80,000 participants from more than 140 countries.