Detection and Response

Businesses operate in an ever-changing threat landscape. Cyber attackers are becoming more and more sophisticated and aggressive, putting real pressure on IT security teams in an industry where there is a shortage of staff.

Our key detection and response service is the SSS Advanced Phishing Triage Service, which enables all your staff to "check before they click" on any suspected phishing emails. This automated service complements our email security solutions as well as our security awareness training options.

In addition, we have several other complementary solutions that help you detect, triage and respond to incidents. These solutions help your teams work more efficiently and redirect their focus to where it is most needed.

  • Our STARS (Security Threat Automation and Response) offering is a cloud-delivered service for orchestration and automation of incident triage and remediation activities.
  • Our Managed SIEM service provides you with a comprehensive SIEM platform augmented with our experts who escalate the events you should care about.
  • Our Incident Management service helps you prepare, investigate, manage, and respond to incidents.

Want to know more?

Contact us on 04 917 6670 or sales@sss.co.nz if you would like to know more about our detection and response services or see a demo of any of these solutions.

Solutions + Partners

  • Advanced Phishing Triage Service (APTS)

    Phishing emails can be very difficult to detect, and some will always reach your end users regardless of the technology you use at the gateway.

    Training your staff to be able to detect and report suspicious emails is a vital part of protecting your organisation. It is also important to acknowledge when users do this. Reporting to a black hole does not reward the desired behaviour; you should be letting the submitter know what you found. This can have a large impact on your users and Incident Management teams.

    Some of our clients have full-time roles dedicated to analysing and responding to user-submitted phishing email samples.

    The SSS Advanced Phishing Triage Service (APTS) is an automated email triage service operated by SSS.

    It is designed to streamline your processes by automatically reviewing the content of user-submitted email samples, and responding to the submitter with an analysis result. It also provides your Incident Management team with a report including what was found and any remediation recommendations.

    The SSS Advanced Phishing Triage Service complements our wider set of email security tooling to provide comprehensive protection.

    How does it work?

    APTS is an automated phishing triage service that combines the power of automation with insights from real-time threat intelligence data. Using industry-leading platforms and best practice playbooks, we are able to automatically analyse suspicious e-mail samples, and respond to the submitter with the result and advice on what to do.

    E-mail samples are analysed against reputable threat intelligence sources. This data informs the classification decision, and provides evidence to support remediation activities. This information is sent to the client's incident management team in an incident report, which includes details of who submitted the sample, indicators found in the sample, and remediation advice.

    A managed service scaled to your needs

    Phishing Triage Base Service

    Send suspicious email samples to a monitored mailbox for automated analysis. The system will send automatic responses to the reporter stating whether the email is likely to be safe, malicious, or unknown. It will also send an incident report to a nominated Incident Management team with details on the submitted sample and advice on further steps.

    Service Features

    • 24/7 operation of automated services
    • Outlook or Gmail button for easy sample submission
    • Automated investigation and intelligence gathering
    • Automatic response sent to the submitter
    • Automated incident report sent to Incident Management teams

    Phishing Triage Premier Uplift

    In addition to the Base Service features, the premier uplift provides the option for further customisation, as well as access to SSS security analysts to assist in manual investigations and incident response. This can help identify trends with phishing campaigns or problem users, as well as in-depth investigations on individual samples. There is also an option to have the service automatically delete malicious emails from cloud-based email platforms.

    Service Features

    • Access to the SSS Security Operations team
    • Customisable response templates, logos, and message text
    • Detailed incident investigation
    • Improved service reporting on the analysis of potential threats
    • Option to delete malicious email from cloud-based (SaaS) Office365 and GSuite services for rapid remediation and improved return on investment
  • Greenbone Networks

    SSS have partnered with Greenbone Networks, leaders in Vulnerability Management solutions.

    Greenbone Networks provides both an open-source and commercial-grade solution for vulnerability analysis and management in both your internal and external networks.

    As Greenbone resellers, SSS can provide assistance with licensing and support to get your installation up and running quickly.

    SSS provides two options:

    • On-premise virtual or physical appliance - Greenbone Security Manager (GSM)
    • Cloud delivered external or internal scanning solution ready in minutes via the Managed Service Provider edition (MSP)

    The Greenbone Security Manager:

    • identifies security risks,
    • assesses risk potential,
    • recommends actions, and
    • complements reactive security tools such as firewalls.

    The Greenbone Security Manager is available as either a Virtual Appliance or a Physical Appliance.

    • Available in three different classes, as well as a Sensor.
    • There are no limits to the number of IP addresses that can be scanned.
    • The number of IP address scans per day varies depending on the class you select.

     

    Service                      GSM   MSP   Notes
    On-premise                   ✓     -
    Cloud delivered              -     ✓
    Internal Scanning            ✓     ✓     Via service-provided VPN Gateway
    External Scanning            ✓     ✓
    Efficient Scanning Engine    ✓     ✓
    Scheduled Scan               ✓     ✓
    Reporting                    ✓     ✓
    Scan Against Policies        ✓     -
    Credential Based Scanning    ✓     ✓     Internal only
    IP Based Pricing             -     ✓     The number that are licensed for scanning
    Number of IPs Per Day        ✓     -     Throughput per day