Extended SOC services
To automate routine SIEM processes and free up experts' time for current threat detection, investigation and response, we offer services that include:
- SOC operations automation (incl. health check);
- Vulnerability, Patch and Change Management Processes integration;
- Development, exchange and upkeep of scenarios for detecting the most common and current security incidents.
Depending on the customer's business and infrastructure, and considering the potential scale of attacks, we offer a hybrid protection scheme:
- First line of defence – Corero SmartWall (attacks up to 50 Gbps);
- Second line of defence – Cloud Service by Verisign/Arbor (attacks of more than 50 Gbps).
Web Application Firewall
Solutions from Imperva and F5 help our customers protect themselves from application-level attacks through:
- Analysis of web application operations;
- Matching of traffic analysis results;
- Implementation of proactive protection for web applications;
- An IP address reputation database.
Application Security Test
To minimize risks from attacks at the service and application level, we offer one of the best solutions, which includes:
- Testing of software source code for information security vulnerabilities;
- Dynamic application testing (black-box test).
We offer a service based on the HP Fortify solution (the best in the Gartner Magic Quadrant for AST for the last 3 years).
New generation antivirus
To protect against zero-day attacks, we offer a new generation antivirus whose distinguishing feature is that it identifies a family of malicious programs rather than a set of constantly changing signatures. This solution is integrated into the core of the OS and allows you to monitor all system calls in real time (loss of productivity is about 2-3%) and block attacks on the system from the families of malware.
In the recent case of the PetrWrap (Petya.A, Netya) attack, it offers an opportunity to protect systems that have not yet been infected, run systems that have not been completely encrypted, and start new systems (from scratch or from backups).
To effectively identify, detect and analyze security threats, we provide a vulnerability scanning service for the customer's infrastructure (including continuous monitoring) based on products from the world's leading vendors: Qualys, Nessus, Rapid7.
This service helps minimize the risk of detected vulnerabilities being used for malicious purposes, which increases the security level of the infrastructure.
ATP and zero-day attack protection
We provide a multi-level protection service against targeted attacks and zero-day threats, including sandboxes, endpoint protection and information system integrity control.