Cyber Security Stack
The Following Services will create a comprehensive plan for Remote Management and monitoring, Remote Helpdesk and Cyber Security Measures as well as setting up a new SonicWALL Firewall.
Remote Monitoring & Management. Lightweight agents are installed on endpoints to provide persistent, continuous access. This Enables real-time monitoring and collection capabilities. Desktop Performance Monitoring of the Hard Drive, CPU, and RAM and a Monthly Report is Sent showing agent Health of each Desktop. Remote Monthly Maintenance and OS Patching of Servers and Workstations. Quarterly Physical Maintenance on all Servers and Workstations. Routine Firmware Patches and Updates to Network Devices.
Remote access is available to all Monitored devices for a technician to remote in, to work on issues that arise, for a range of issues. While we will not support any 3rd party programs, we will assist the users in resolving their problems and help with talking to those 3rd party venders to get their support of the product. (I.e.. QuickBooks) You must stay Current on any support plans from those vendors for us to get their support when needed.
SOCaas: Security Operations Center as a service.
This Provides a fully staffed 24x7x365 Security operations center because in today’s environment you need more than just antivirus endpoint security. This team of professionals monitor several of the following services on a 24x7x365 basis to ensure the highest quality of security is maintained at all times.
Managed Detection and Response (MDR)
MDR is a comprehensive service that includes 24/7 threat monitoring, threat hunting, and detection response. We leverage a combination of hand-picked and vetted technologies deployed at the host using advanced analytics, threat intelligence, and human expertise to deliver sophisticated and thorough incident investigation and response. We also offer incident validation and remote response services such as threat containment as needed.
Anomaly – Based Detection, utilizing heuristics statistical analysis and machine learning, ARR highlights atypical events or features of an artifact/file which aids in detection of advanced zero-day threats.
BEHAVIOR-BASED DETECTION, the behavioral analytics engine identifies suspicious behaviors of legitimate processes and events and maps them to known attacker tactics, techniques and procedures (TTPs) as described by the MITRE ATT&CK framework. We concentrate defenses against the Top 20 most commonly observed ATT&CK techniques that are also achievable to monitor. These allow us to be more effective and catch adversaries actions more often.
FORENSIC STATE ANALYSIS, the agent has the ability to collect and analyze live forensic data from your endpoints, including from both volatile and non-volatile memory. This capability enables proactive inspection of thousands of hosts for current and historical compromise as well as aiding in the root cause identification of detected attacks.
CONTINUOUS ENDPOINT MONITORING, RESPONSE AND FORENSICS
ARR’s advanced threat hunting and monitoring adds another layer of security focused on identifying key behaviors observed during and following an attack. In addition, automated forensic analysis enables our
analysts to proactively verify integrity of endpoints or quickly determine root cause once a breach is found.
MDR simplifies and accelerates the identification, investigation, and response to sophisticated cyber attacks
Proactive threat analytics by leveraging our A.I. driven SIEM and 100%US based security analysts. This service will detect and alert on known and new cyber threats inside Microsoft365 using advanced machine learning, behavioral analytics, and dynamic threat models.
Avanan - Email & Cloud Security, Anti-Phishing and Anti-Malware with AI and Machine Learning
Because email is the No. 1 method used by hackers, your customers need the strongest protection against malware and phishing. Avanan’s patented security connects to the cloud via API and blocks malicious emails before they reach the Inbox. It also protects collaboration apps; including OneDrive, ShareFile, Slack, many others.
Firewall as a service
We provide a SonicWALL Firewall on an “As A Service” Model. In Stead of Paying up front every few years when the SonicWALL is at end of life you pay a low monthly fee. This includes all upgrades and patches that are required for security compliance. Including Firewall Monitoring & Threat Analytics Level I - 24x7 access to Centralized Management & Monitoring via web portal, Event Notifications, Offsite firewall configuration backups every 7 days with 5 versions maintained. Next Business Day replacement of Faulty or Damaged Equipment. We will also set up a guest Wi-Fi network to allow cellphones to connect securely and not risk any contact with the business side of the network.
Firewall Management Monitoring and Reporting LVL 3
Firewall Monitoring & Threat Analytics Level III MSA (SonicWall Only TZ, NSA up to 4600) 24/7/365
Managed, Monitoring & Reporting, 24x7 access to SGI’s SonicWall GMS, Event Notifications via Email, Offsite firewall configuration backups every 7 days with 5 versions maintained, Daily Firewall Security Report & Weekly Firewall Status Report, SLA includes a 1-hour Engineer response (not resolve) time – some restrictions may apply
Actifile Automatic Risk Discovery & Data Encryption
Having sensitive files scattered all over your endpoints and on ‘shadow IT’ applications is an accident waiting to happen. Actifile automatically discovers sensitive data files and with an optional Upgrade allows you to eliminates the risk by transparently encrypting them.
Dark Web Monitoring
Are your company’s user credentials on the dark web? Thousands of email addresses, passwords and other sensitive data land on the dark web every day, creating risk for your business — and you may not even know about a vulnerability until it’s too late. Dark Web Monitoring ensures the greatest amount of protection with 24/7/365 human and machine-powered monitoring of business and personal credentials, including domains, IP addresses and email addresses. We uncover your compromised credentials in Dark Web markets, data dumps and other sources, and alert you to trouble fast, giving you the advantage to act before cybercriminals do.
BULLPHISH ID Phishing Simulation Platform
90% of data breaches start with a phishing email. Reduce your organization’s chance of experiencing a cybersecurity disaster by up to 70% with security awareness training that includes phishing simulation using BullPhish ID.
Add every employee to your security team with security awareness training that empowers them to spot and stop phishing threats.
Automate training campaigns and reporting for stress-free, consistent training that gets results.
Choose from a rich set of plug-and-play phishing campaign kits and video lessons accompanied by short quizzes — or easily create your own phishing emails and training courses.
Effective, affordable one-stop security and compliance training scales to fit any business and budget.
Backup and Disaster Recovery
While we have seen many cases of backups being corrupted by bad actors and ransomware groups, it is still important to have a Backup and disaster recovery plan in place. Not all disasters are caused by a Cyber Security Threat. Fire, Flood, Hardware Failures, and more are still a big threat to your business and data. Its important to have a Disaster Recovery Plan in place and we offer a 2-fold Backup plan that employs both onsite and offsite Daily incremental backups, Weather you choose a basic file backup model or a bare metal backup model. We can even offer restore to cloud in order to get to your data before the hardware on site is even repaired.