This comment came from an IT GM after they were unable to detect activity on their network by WHITEHACK Penetration Testers. They had all the typical controls in place that one would expect and are told are ‘good enough’.
It really struck a chord with us at the time, as it so accurately describes the security of most businesses when faced by hackers or advanced, stealthy malware. We had always recommended a range of measures to help counter this fascinating issue and we have now started to deploy custom, managed and unmanaged tools and systems to detect this activity, and ‘bite back’ where necessary.
For many, though, the thought of deploying and managing another technology is too much, with internal teams already carrying significant workloads. When seconds count with security issues, you need 24/7 security support.
Our network and application monitoring packages build on the fascinating work done by researchers like those at Black Hills Information Security in the USA in active defence and honeypots. We’re not trying to generate thousands of log entries per day; we just want one when it counts, with alerts going to DevOps phones or whoever is on point when absolutely necessary.
We’ve taken months to develop a security operations centre, managed 24/7, that can monitor your network for threats. We can then alert you or take action ourselves, depending on the arrangement, to prevent a significant incident.
Our team members have extensive experience in the development and deployment of large-scale and small-scale vulnerability management services.
We can provide outsourced support services for the following: integration of SOC tool sets used for the collection and analysis of enterprise audit logs and vulnerability management. We can also provide support services in the form of CIRT augmentation through our managed monitoring and alerts service.
Outsourcing Services outlined below:
The cost of network downtime is massive, even for small and medium sized enterprises. The costs of such outages are usually measured in minutes, not hours.
Many businesses that suffer an outage lasting longer than one week never fully recover and often go out of business.
Our security operations centre has been designed with this front and centre of mind – providing a reliable security outsourcing option for your business.
Dealing with security incidents is par for the course for information security consultants, so it’s important you talk to one during an incident and utilise our experience.
Over a period of several months, we have developed a unique system for network and/or application monitoring operations, and deployed a security operations centre to manage it. We’re monitoring for very specific types of threats – hackers and advanced malware targeting your website, application or network.
This isn’t designed to replace firewalls or anti-virus systems, just to fill a gap in their abilities that is highlighted time and again during penetration tests.
This system can be managed or unmanaged, but it only works effectively if you’re honest with yourself about your business’s capability to monitor it and provide 24/7 support. Unmanaged/unwatched monitoring ops are generally regarded as a risky move. You can outsource to our enterprise-grade security operations centre, letting you get on with what you do best.
This is some seriously innovative technology we’re deploying with custom tool sets for network monitoring, intrusion detection, DevOps and incident response. We are very proud of what we have achieved.
With this toolset, we can achieve rapid deployment in production environments, and it functions comfortably as either a physical deployment in your rack or a virtualised instance in the cloud.
Contact us to discuss your requirements and what we can do to aid your deployment. You will be put in contact with our lead technical director of this project, who can discuss whether this product is suitable.
Honeypots can have various functions, but the most compelling one from a business risk management point of view is an alerting system.
A good example of a honeypot: picture a table in your SQL DB called ‘Users’, full of fake user entries. If an attacker queries this fake table (as no legitimate user is going to), you could receive, say, an email alerting you to the fact that there is a breach somewhere along the chain. This speeds up your incident response process significantly; in this example, you might start by killing that user’s session in order to slow down their exfiltration of data.
We can apply this example to various other areas of information security, designing custom solutions for your environment.
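The decoy-table alert described above, as an added example (not WHITEHACK's tooling and not code from the original page): it scans database audit-log lines for any statement touching the decoy ‘Users’ table and returns one alert per session, identifying the session a responder would terminate. The log layout, sample lines and function names are constructed for illustration.

```python
import re

DECOY_TABLE = "Users"  # decoy table name from the page's example

# Constructed audit-log lines in an assumed "timestamp|session|db_user|statement" layout.
SAMPLE_LOG = """\
2024-05-01T10:00:01Z|s-101|webapp|SELECT id, email FROM app_users WHERE id = 7
2024-05-01T10:00:05Z|s-102|webapp|SELECT * FROM users_archive LIMIT 10
2024-05-01T10:02:13Z|s-207|webapp|SELECT * FROM Users
2024-05-01T10:02:14Z|s-207|webapp|select login, pw_hash from public."Users" limit 500
2024-05-01T10:03:40Z|s-311|report|SELECT count(*) FROM orders -- users
"""

def decoy_pattern(table):
    # Match the decoy as a whole identifier after a table-position keyword,
    # optionally quoted and schema-qualified. Case-insensitive on purpose:
    # lookalikes such as app_users or users_archive must not fire.
    name = re.escape(table)
    return re.compile(
        r'\b(?:from|join|into|update|table)\s+'
        r'(?:["`\[]?\w+["`\]]?\.)?["`\[]?' + name + r'["`\]]?(?!\w)',
        re.IGNORECASE,
    )

def scan(log_text, table=DECOY_TABLE):
    """Return one alert per session that referenced the decoy table."""
    pattern = decoy_pattern(table)
    alerts = {}
    for line in log_text.splitlines():
        parts = line.split("|", 3)  # statement itself may contain '|'
        if len(parts) != 4:
            continue  # skip malformed lines instead of crashing the monitor
        ts, session, db_user, statement = parts
        if pattern.search(statement):
            alert = alerts.setdefault(session, {
                "session": session, "db_user": db_user,
                "first_seen": ts, "hits": 0,
            })
            alert["hits"] += 1
    return list(alerts.values())

if __name__ == "__main__":
    for a in scan(SAMPLE_LOG):
        print(f"ALERT decoy table touched: session={a['session']} "
              f"user={a['db_user']} first_seen={a['first_seen']} hits={a['hits']}")
```

Grouping by session keeps the output to a single alert per intruding session rather than one per query.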
Many clients have concerns about their ability to monitor a honeypot 24/7, which it must be in order to be effective. As part of our state-of-the-art security operations centre services, we can assist you with this.
For too long, IT systems have been passively defended: we continuously build higher walls, yet they get torn down.
Active defence started with a collection of tools in a Linux Distro known as ‘ADHD’.
It’s one of the fastest-growing areas of network and application defence, allowing defenders to annoy, attribute, prevent and even attack back at would-be attackers.
Of course, attacking back requires careful following of the rule of law, but there are many law-abiding ways in which attackers can be persuaded to stop their attack on your business before it’s too late. Active defence makes the risks associated with attacking your business very high for a would-be law-breaker, much like how around your home the idea is to make your house a less appealing target for would-be robbers than your neighbour’s.
The main goal of Active Defence is to shift the balance of power out of the hands of attackers, who currently have an advantage over defenders.
We’re HUGE fans of ADHD and Active Defence here, and have written some custom additions for our clients where gaps exist.
We’d love to talk with you about Active Defence and what it could do for your business and how we can help you implement it successfully.