MANAGED DETECTION AND RESPONSE

  • 24/7/365 Monitoring and Alerting
  • Behavioral Data, System Data & Security Logs
  • Network Traffic Analysis – Inbound/Outbound Traffic

  • Real-Time Process Monitoring – Disk/Fileless/PowerShell, etc.
  • Vulnerability Management, CVEs

  • Real-Time Vulnerability Scanning

  • Identification of all files on disks

  • Threat Intelligence

  • SIEM Log Correlation with Firewall, Windows Events & Endpoint Protection

  • Admin Privileges Granted/Removed

  • Malicious IP Detection

  • Brute Force Attack

  • Common Vulnerabilities & Exposures Detection

  • Suspicious Log Activity

  • User Accounts Created/Disabled

  • Local Firewall/Registry Values Modified

  • Root Cause Analysis

IT Solutions - Managed Server Provider

INTERNAL VULNERABILITY SCANNING

  • Complete networking scanning for vulnerabilities across multiple vLANs
  • Compares vulnerabilities to CVE ratings for remediation prioritizations
  • Maps vulnerabilities to security frameworks such as NIST and CIS
  • Active Directory Scanning of Users, Groups and Group Policy

EXTERNAL VULNERABILITY SCANNING

  • Tests the network as an intruder from the Internet would

  • Scans for vulnerabilities from outside of the network
  • Identifies any potential attack surfaces from the Internet
  • Discover any exploitable security holes