Cyber Operations Reporting & Engineering
The CORE Security program affirms your network security is continually strengthened to help keep up with the ever-evolving risk of cyberattacks.
Our Cybersecurity Engineers and vCISO (Virtual Chief Information Security Officer) will work with your firm to provide a holistic approach to cybersecurity using people, processes and technology. This comprehensive approach will allow us to successfully prevent, mitigate, and remediate more cyberattacks successfully.
Traditional security measures for a network consisted of applying patching and installing a firewall which are very minimal techniques for building a defense. An easier way to explain our CORE Service Program is by likening it to securing your home prior to leaving. You would want to do all that you could to prevent a thief from breaking in. You might lock your doors and windows (firewall and patching). While this is Important, it will not stop a thief that has been casing your house for a month and knows your patterns. If an intruder is persistent, and really want in, they could use tools to pry open doors or break windows.
The same concept applies to intruders wanting access to your network. Hackers and cybercriminals are using new tools and techniques to bypass traditional cybersecurity measures. Our CORE Security Program will allow you to fully protect your “home.”
Contact us to learn more about our CORE Security Program.
CORE Security Services
Using the home security analogy, if a door or window was left unlocked, Vulnerability Management mitigates that threat and makes sure that ALL your doors and windows are locked.
VM is the process of identifying threat vectors that criminals can use to gain access to your network. These are usually OS and non-Microsoft applications (i.e., Adobe, Flash, etc.). As new vulnerabilities are identified, your network should be tested regularly to identify new access points and patch or reconfigure them on a regular basis.
Security Operations as a Service
SOCaaS acts as your home’s surveillance system. If an intruder is lurking around outside or trying to gain entry, you want the authorities to be notified as soon as possible. The best scenario is that you would have a recording of the intrusion to know exactly what method he used to break in and exactly what was stolen so that it can be prevented in the future and your items can be recovered.
SOCaaS monitors all network connectivity to identify unusual activity that could represent a security breach. Highly trained security engineers monitor your network 24/7 utilizing a combination of software and hardware to monitor access, log-ins and inbound/outbound network traffic.
The risk with passwords is if someone other than your authorized employee gains knowledge of that password then your data can be compromised. By utilizing a second method of authentication we can mitigate this risk by forcing a would-be attacker to also need access to a cell phone or key fob (something your employee has). By requiring multifactor authentication we can further prove the identity of the personlogging into your firms network.
Using multifactor authentication in your environment will also provide a mitigating control to other attack vectors like password spraying or brute force attempts (techniques hackers use to compromise a network). Some MFA products allow for a wider variety of authentication methods which make it even easier for your employees to log in and press a button from a push notification method instead of keying in a series of numbers.
DNS Malware Filtering & Protection
Now that we have the inside and perimeter of your home protected, we want to make sure that all the roads leading to and from your home are also protected. So, let’s make sure we can monitor a suspicious vehicle pulling down your street and passing by your home a couple of times. If there’s an APB out for a red Corvette and it’s driving up and down your street, you want to know that it’s not going to make it into your driveway so you block it in advance and alert the authorities.
DNS Malware Filtering & Protection utilizes software to block internet traffic to and from potentially “poisoned” sites on the Internet. It represents the most effective prevention of malware, crypto and/or intrusions as it blocks traffic from known bad sites across the globe. It can also be used to provide high-level category filtering and reporting.
CORE Security Additional Services
The CORE Security Program includes additional services that are important overall network security.
- Office 365 Security Consultation: Our security team works with your business to determine the correct measure of controls that should be turned on to mitigate data loss and secure your cloud system.
- Phishing Training for Employees: Employee training and spear phishing simulation campaigns empower users to recognize email threats not only at work but also from devices that are not protected by corporate email gateways.
- Threat Hunting: using their own knowledge and familiarity with the client network our security team hypotheses about potential threats, such as, but not limited to, Lateral Movement by Threat Actors.
- Email Protection and Management: email-filtering, spam blocking, encryption, archiving,anti-impersonation and anti-spoofing by way of domain fraud prevention and backups. In addition, protecting users and data from targeted spear phishing attacks using an A.I. engine that detects threats that traditional email gateways cannot.
I am writing this letter to thank you for your outstanding work on the Security & Risk Assessment. Your expertise and attention to detail were tremendously valuable. You joined us at a very critical time as we were getting ready to be audited as part of a risk assessment ordered by one of our major suppliers. You were able to quickly understand the objectives and priorities and make quality recommendations to improve our network and security processes. The quality of your work was recognized and appreciated by other team members. Not only did you thoroughly review our systems and processes, but you were also able to assist with reviewing and improving our IT and IS policies. As a result of your work and recommendations, we passed our recent audit with flying colors. Again, I would like to express my sincere thanks for your contributions. I look forward to the opportunity to work together again.