Security-as-a-Service / Managed Security Service Provider (MSSP)

Many of our clients know that they need to look after their Information Security, but they lack the internal resources to do so effectively. This is where our managed security services come in. We match our clients’ requirements with industry best practice and expert management to protect your IT infrastructure and critical data from a wide range of security threats.

Our managed security services can be provided on a stand-alone basis or as part of a wider Managed Service offering. Either way, our experienced and certified security experts will manage your security systems or work alongside your own security team in an advisory & support role.

Virtual CSO & Virtual SOC

For many SMEs, budgets and staffing considerations prohibit employing a full-time Chief Security Officer and building a Security Operations Centre. With our vCSO service, our clients enjoy the benefits of having an experienced Chief Security Officer overseeing their network security at a fraction of the cost.

Similarly, our vSOC gives clients the peace of mind that comes with knowing that their security monitoring, SIEM, analytics & incident response needs are being looked after by trained & experienced security professionals.

When something goes bump in the night – will you know? Most security breaches go undetected, unreported & without remediation for up to XYZ period.

Network Security Monitoring

We help you identify your critical information assets, measure your current network security effectiveness, implement a Managed Security service, provide 24×7 security monitoring of your network and secure your network with real-time countermeasures.

Managed Firewall

Simply installing a firewall is not enough to ensure the safety of your information assets. Firewalls must be configured correctly by a security professional, and even then a “fit and forget” attitude isn’t sufficient. Security events must be monitored and configurations must be regularly reviewed. Firewall management is a labour-intensive and complex activity. With our Managed Firewall service, we shoulder the burden of administration & management. Hardware and software will be correctly installed & configured, and on-going monitoring & management ensures that your information assets retain a high degree of protection from a variety of network-based threats.

Encryption

Encryption is a widely-used but oft-misunderstood term, especially when applied to data. Most internet users are aware of SSL encryption which is used when visiting secure (HTTPS) websites. The term encryption in this case applies to the connection between your browser and the destination server, which (in most cases) ensures that nobody can eavesdrop on your session and intercept your data.

However, once that same data arrives at either end of the connection – i.e. on your computer, or the destination server, it is usually stored in “plain-text”. This means that if someone were able to access either of those systems, they would have full unrestricted access to the data on those systems. This is where data encryption comes in – the encryption of data “at rest”, not just in transmission. As part of our Managed Security Service, we recommend and implement the encryption of all sensitive organisational data to ensure that it remains secure even at rest.

Two-factor / Multi-factor Authentication (2FA / MFA)

Passwords – the bane of everyone’s existence, and yet a necessary evil. Or are they? Are they even sufficient for the purpose of securing your data? In many cases, the answer to both of these questions is no!
We design, recommend & implement multi-factor authentication mechanisms for our clients, which in some cases can take away the hassle of remembering passwords whilst at the same time improving security by utilising one of any number of modern authentication techniques.

Vulnerability Assessment & Penetration Testing

We provide a robust set of VA/PT services, details of which are available here. As part of a Managed Security Service, we can provide both on-demand as well as scheduled Vulnerability Assessments & Penetration Testing.

Log Management

Log management is in many ways one of the most essential parts of any organisation’s security infrastructure. Every type of device – be it a server, workstation, firewall, network device or printer – generates log data. In order to gain visibility over your IT estate, this log data is consolidated, stored and analysed in accordance with best practices, as part of your Logging & Audit Policy (part of your overall InfoSec policy). We then employ a sophisticated set of tools to monitor the stored data, which are linked to an alert profile that raises an administrative alert for InfoSec to respond to.

Incident Response

Our SOC will respond to Information Security breaches in accordance with our agreed Incident Response framework. As an overview, we perform incident classification, incident triage, inform the relevant teams and stakeholders, provide actionable intelligence and work with your internal resources to contain the incident, respond to it and prevent future recurrence. All breaches are also fed back into our policy framework to assess whether existing policy controls provide adequate protection, or if revisions are needed.

Malware Monitoring

Malware monitoring is a standard component of our Security-as-a-Service / MSSP services. We carry out 24×7 malware monitoring, and in accordance with the principles of defence-in-depth, this is carried out at multiple levels including in the cloud, at the gateway and at the endpoint.

Domain / DNS / Reputation Protection

We provide proactive detection of any issues relating to your domains, DNS & internet reputation including monitoring domains, email services, reverse whois, DNS poisoning etc. We also provide a number of other compliance / regulatory services such as abuse mailbox monitoring.

We also have the ability to prevent & respond to phishing and pharming attacks by shutting down identified phishing websites, email accounts and sources of identified pharming attacks.

  • Many initial compromises occur within minutes or less … about 50% take months or longer to discover.
    Verizon, 2014 Data Breach Investigations Report
  • It was only after tens of millions of customer emails were suddenly for sale on the black market that it triggered an investigation and eventual notification. “The notion of saying that we haven’t been hacked because we’ve not noticed a breach is nonsense”
    Neal O'Farrell, Founder, Privide
  • I can’t tell you how many times I’ve been at firms and their IT staff is looking right at the remnants of some sort of attack and they’re still very skeptical that they’ve been attacked.
    John Reed Stark, Former chief of the SEC's Office of Internet Enforcement