Cloud Secure Access

Cloud Access Secure Broker (CASB) is software or hardware that intermediates between users and cloud service providers. CASB provides full observability of cloud application usage, including user information. It also gives organisations the ability to extend the scope of their security policy from their existing on-premises infrastructure to the cloud and create new policies for […]

Behaviour Analysis

User Behavior Analysis (UBA) is a system of analysing user and system behaviour aimed at finding and detecting anomalies using monitoring tools. UBA technologies analyse historical data logs (including network logs and authentication logs) aggregated by SIEM systems to identify traffic patterns caused by both normal and malicious user behaviour. Usually, UBA systems do not […]

Account management and control of privileged users

Privileged Access Management (PAM) is a solution designed to monitor and control the accounts of privileged employees (system administrators, IT department employees, contractors, auditors and other users with elevated privileges), manage authentication and authorisation of these employees, audit actions performed, control access and record their sessions. Opportunities: centralised account management with advanced features; audit of […]

Defence strategy using deception methods

Cyber Deception Systems Opportunities: creation of fake targets (honeypots) to mask real network assets; laying down so-called “breadcrumbs” on PCs and servers (accounts, hashes, passwords, RDP session links, etc); active deception of attackers and changing the attack vector away from real assets. Result: early warning of an attack; rightdata for decision-making; preventing or stopping an […]

Control of device interaction in the network

Network Detection and Response Opportunities: constant monitoring of communications in the network; detection of suspicious traffic; event analysis using a combination of behavioural analysis, machine learning and statistical analysis. Result: improvement of the efficiency of the cyber security system; automatic rapid response; advanced behavioural analysis to respond to the most complex threats. Our partners: Fidelis | Elastic | Plixer […]

Advanced status monitoring and endpoint telemetry

End-Point Detection and Response Opportunities: signature-based antivirus protection; device management; application control; blocking attempts at unauthorised actions; continuous monitoring and retrospective analysis; in-depth investigation of incidents and events; integration with other cyber security subsystems. Result: effective endpoint status analysis based on behavioural methods and context-enriched data; rapid, targeted action and reduction of the likelihood of […]

Patch Management

Patch Management is a process of managing software updates using special software solutions. Opportunities: real-time monitoring of endpoints; automated updates of operating systems and applications; management of updates with easy-to-use tools; launch of updates remotely and their distribution across the network. Result: real-time visibility of endpoint status; prevention of incidents by reducing the attack surface […]

Inventory of assets for cyber security purposes

The core of Asset Management as a process is a software product that allows identifying and collecting all asset information in one place in accordance with cyber security goals. This tool can be used to monitor and manage assets in the network throughout their entire life cycle, from planning to disposal. Opportunities: identification of all […]

Vulnerability management based on an integrated platform

Vulnerability Management Opportunities: assets evaluation when scanning devices in the network; prioritisation of vulnerabilities; risks evaluation for each asset by levels of impact; elimination of vulnerabilities or other measures based on the level of impact. Result: rapid identification and elimination of all existing vulnerabilities of the organisation; overall assessment of the attack area. Our partners: […]