Detect & Protect
Our fully managed security service (SOC & a SIEM), developed by ex-GCHQ cyber ‘offense’ operatives and used by, among others, The Bank of England, monitors, detects and reacts to threats in real time, enabling your clients to achieve a maximum risk reduction of up to 98%.
- Activity and Security Analysis
Detect & Protect collects system and security data from your IT devices (on-site or cloud) and then forwards it securely to us. This data is indexed and analysed against bespoke rule-sets as well as a threat intelligence database to identify potential threats and behavioural anomalies and to detect actual intrusions.
- Intrusion Detection
Detect & Protect provides real-time scanning that looks for cyber threats and suspicious anomalies at the host level. This enables analysts to investigate and respond to advanced threats and attacks against your IT. Through the integration of the Cyber Tec Security Threat Intelligence database to identify indicators of compromise, Detect & Protect can uncover more complex exploit processes that are used to bypass anti-virus systems.
- Flexible Incident Response
Detect & Protect can provide an optional automated active response service that can be used to block a network attack, stop a malicious process or quarantine a specific user or file. This tailored service will be developed to meet your organisation’s individual automated response requirement.
- Vulnerability Assessment
The automated vulnerability assessment feature helps to find the weak spots in your IT. Detect & Protect uses the output from the software audit to provide a continual vulnerability assessment for each monitored device.
Detect & Protect achieves this by comparing the results against the latest CVE (Common Vulnerabilities and Exposures) database of known vulnerabilities to identify weaknesses that need to be addressed.
- File Integrity Monitoring
Detect & Protect monitors selected files to identify changes in the content, permissions and attributes of files that are important to an organisation, such as files that a hacker or malware would target or those containing sensitive financial information or personal data in HR records.
Detect & Protect will generate an alert if it detects that a file has been changed or modified and can identify the user(s) involved. File Integrity Monitoring will also provide inputs into the Detect & Protect regulatory compliance service.
- Security Configuration Assessment
Detect & Protect monitors operating system and application configuration settings to identify where areas of potential attack can be reduced. Detect & Protect will detect and alert against common system misconfigurations that may be present on monitored devices. Each device will have a security configuration assessment score that will be available through the user dashboard. These scores can be benchmarked and tailored against an organisation’s security policy.
- Regulatory Compliance
Detect & Protect alerts and reports against compliance with some of the mandatory security controls for various industry standards and regulations. Detect & Protect is configured and mapped to the technical controls of Cyber Essentials, ISO 27001, PCI DSS (Payment Card Industry Data Security Standard), GDPR, NIST and HIPAA.
- User Dashboards
Detect & Protect has been designed with its own unique user-accessible dashboard. Each dashboard is pre-configured to display the core features of Detect & Protect and can be tailored to meet the individual needs and requirements of each company. This single interface provides a real-time view of your monitored IT infrastructure that has been identified as part of the Cyber Tec Security managed service.