Products found: 106
Advenica Data Diodes
Key features
SecuriCDS Data Diode guarantees unidirectional separation between network interfaces. It contains optical fibre with a transmitter on one side and a receiver on the other side, with no chance of a two-way transfer.
Network separation
The separation between the two data interfaces on a data diode is vital. In the SecuriCDS Data Diodes, the separation and diode functionality are based on an optical transmitter and receiver. The design guarantees that no data passes in the opposite direction. The SecuriCDS Data Diodes even include the possibility to use dual power supplies to eliminate potential covert channels in the reverse direction.
Integrated proxy servers
Integrated proxy servers to enable handling of common communication protocols, e.g. data, file or network time transfers, are included in SecuriCDS Data Diode model D1000i. This data diode handles application level protocols and is easily integrated into any system.
High assurance data diodes
Advenica’s data diodes meet the highest demands on both security and assurance. Internal separation of functions, multi-stage unidirectional security and deep security analysis provide trust and high assurance. Special attention has been given to eliminating the risk of covert channels in the reverse direction.
Component assurance level N3
Advenica’s data diodes SecuriCDS DD1000A and SecuriCDS DD1000i are approved by the Swedish Armed Forces with the component assurance level N3 according to Swedish national security requirements. The component assurance level N3 can be used in systems with high impact level (e.g. handling secret information up to SECRET/TOP SECRET) but where the component level of exposure is somewhat limited.
Create your own proxy services
With the SecuriCDS Data Diode model DD1000i, you can use your own staff, consultants or Advenica’s Professional Services to create proxy services. The data diode’s Software Development Kit (SDK) makes it possible to use the SecuriCDS Data Diode security platform and develop unique and custom proxy services.
Aegify RSC Suite
- Reduced risk
- Unified/integrated approach
- Lower total cost of ownership
- Oversight ease
- Maximum security
- No compliance tradeoffs
The NEED
RISK management is not optional for healthcare, retail and financial organizations. When SECURITY breaches happen, critical data is compromised, jobs are lost and profits disappear. Managing the regulatory maze is challenging. PCI, ISO and SANS 20 COMPLIANCE is best practice. HIPAA, GLBA and FISMA COMPLIANCE is the law. Risk, security and compliance (RSC) protection is complex and cumbersome. Until now. Discover the effective simplicity of a unified RSC solution. Discover Aegify.
Aegify RSC Suite includes:
- Aegify Risk Manager
- Aegify Security Manager
- Aegify Compliance Manager
- Aegify Integrity Manager
UNIFIED APPROACH
For management ease and cost reduction, most healthcare providers and business associates prefer a unified Risk, Security and Compliance solution. Consider these diagnostic questions:
- Are you confident your vendors and business associates are compliant with all regulations?
- Are burdens of compliance forcing you to take calculated risks due to resource constraints?
- Do you have multiple siloed solutions that cause integration, management and financial headaches?
If your answers are mostly “yes,” consider Aegify RSC Suite.
Diagnose
Within hours, you will know:
- Your total organizational risk including your risk from each of your vendors and business associates
- Where your security threats lie
- What curative measures need to be undertaken
- Your compliance status with HIPAA, Meaningful Use, HITECH, PCI, ISO, SANS 20 and all other regulations and standards
Cure
Follow Aegify instructions to:
- Minimize organizational risk
- Close your risk, security and compliance gaps
- Comply with all applicable regulations and standards
Protect
24/7 continuous monitoring program will:
- Reduce all risk… today and tomorrow
- Diagnose and cure future security threats in real time
- Comply with all applicable current and future regulations
WHY AEGIFY?
Aegify was founded on a simple set of guiding principles:
- RSC services are too siloed, complicated and expensive
- The market needs a holistic RSC solution that diagnoses, cures and prevents future catastrophic events from occurring
Today, the Aegify Suite is a unique unified solution that operates at the intersection of security, compliance and risk management for healthcare, retail and financial organizations.
For those that don’t need a unified RSC Solution, each individual Aegify Manager product is a robust standalone solution.
agileSI
360° SAP Security powered by SIEM
agileSI is an award winning, industry-grade solution for continuous monitoring of SAP security events, parameter checks, change detection of critical settings, transaction manipulation and automated response. agileSI is much more than just another tool or SAP plugin. It brings with it a whole new way to manage and monitor SAP® in all of its aspects, while taking care of security. Continuously monitoring basically any stats you desire, it’s a one-for-all solution to give you insight into what’s going on in your engine room, without digging through tons of data and interfaces yourself. And it makes audit preparation and reporting a breeze.
agileSI is based on a three-tier architecture model with a collection, administration and analysis layer, respectively. Analyzing the data is achieved by using the agileSI content package for SIEM. This contains an extended Security Analytics Pack which provides the categorization of events and a large set of predefined SAP-specific event correlations for different security domains. It also handles the evaluation of criticality, as well as the visualization & notification and delivers alerting rules and reports.
The added value is a SAP-specific Security Intelligence Package for SIEM. The product approach does not fall back to another isolated solution, but pursues the holistic strategy of establishing security event management at a central point in the company: in the SOC, on the basis of next generation SIEM & Log Management solutions that are planned or already being used in all security-conscious organizations.
Solution offers:
- The SAP-SIEM-integration. agileSI provides a broad set of SAP Extractors, feeding different kinds of SAP data, such as database data, system settings, logs and events from various SAP security sources, into SIEM. The framework and its extractors are highly flexible and configurable, to meet exactly the customers’ needs. The integration of SAP data into SIEM provides transparency to many stakeholders.
- Domain. agileSI is used for supervision of security-critical activity & events, access control checks and monitoring of audit-relevant information, compliance of system settings and authorizations, as well as SAP Operations support and the monitoring of dedicated SAP business application data & transactions.
- SAP Operations. Integration of SAP Basis near information and events will facilitate SAP Basis processes and remediation cycles, raising efficiency at work and providing ad-hoc reports of system metrics data.
- Any SAP Data. Get any SAP data with the help of flexible and configurable agileSI data extractors, create any customer use case and integrate any customer’s SAP-based applications.
- SAP Security Log Management & Monitoring. agileSI Extractors retrieve all kinds of security-relevant information of SAP NW ABAP based SAP systems. The included content package adds SAP Security Intelligence to SIEM.
- Ready-to-use. Ready-to-use with a predefined set of use cases – the agileSI configuration frontend is developed in Web Dynpro ABAP. The key benefit is the powerful, ready-to-use content of predefined use cases, which makes agileSI a real product rather than a mere tool that demands high implementation and customization effort at the customer site. The use cases can be maintained, customized or newly created using the agileSI configuration frontend.
- Guidelines. DSAG audit guidelines, SAP Security Guidelines and information, as well as the field-proven know-how of SAP Security specialists and auditors, are translated into use cases implemented in the agileSI SAP and SIEM components.
Airbus Security Maturity Check
- Determination of the automation systems to be checked based on their criticality
- Definition of the documents to be analysed
- Identification of key personnel for the on-site visit and interviews
- Scheduling of appointments
- Analysis of the documents provided with regard to architecture as well as technical, organisational and personal security measures
- Preparation of the interviews and visit
- Inventory of the organisational framework, guidelines and processes
- Review of the implementation of documented security measures
- Random control of existing baseline protection measures such as roles and rights assignment, patch management, and backup and restore
- Comparison of the information collected with the documented requirements, best practices and national and international standards
- Clarification of outstanding issues with all participants
- Definition of the contents of the final report
- Request for missing information for the final report
- Management summary
- Subject matter, procedure and scope
- Results of the evaluation
- Prioritised recommendations for action
AlertEnterprise Enterprise Sentry
- Centralized view of complex threats, events and incidents across cyber, physical and operational domains
- Automated decision support – prioritizes response based on risk and criticality
- Built-in response scripts guide responders on policy-based procedures to follow
- Leverages existing physical security investments like access control and video surveillance
- Aggregate information from vulnerability scanners, firewalls, log management and intrusion detection systems
- Turn data into insights and action with AI-Powered Identity Intelligence, rule-based engine and powerful dashboards
- Include non-cyber clues such as human identity, physical location, critical assets, and time of entry to eliminate false positives and validate alerts and events
AMT - Banking Malware Detector
The AMT Technology Website
The AMT (Agentless anti-Malware Technology) is a new proprietary Minded Security technology for the detection and management of malware. AMT has been developed after years of study for detecting and managing, in real time, advanced banking malware for our customers’ online users. The core engine is a JavaScript Analyzer written by renowned JavaScript experts specialized in advanced JavaScript security research. Various innovative analysis techniques have been used in AMT, such as Trusted JavaScript Modeling combined with optimized WebInject differential analysis.
The product: AMT Banking Malware Detector
The AMT Banking Malware Detector is a sophisticated security platform for detecting and managing advanced malware on your online banking customers in real time. AMT Banking Malware Detector instantly recognizes all new malware that has been installed on the computers of users interacting with your Internet Banking Web Site. The technology is able to detect all types of banking malware, with a focus on targeted malware specifically designed to attack a particular bank.
Key Features:
- Agentless: does not install anything on user’s computer.
- Transparent: does not alter the user experience.
- Proactive detection: detects malware not known yet.
- Easy Setup: installation and tuning in just a few days.
- Available in both cloud and appliance modes.
- Performance
No degradation in the performance of the bank infrastructure: no need to install new infrastructure components.
Light deployment: portals with millions of users do not require significant additional infrastructure.
- Fraud Risk Management
The technology reduces the risk from infected users, preventing fraud.
Can be easily managed by the bank's internal anti-fraud team through the innovative HTML5 interface.
- Easy Management
The product is easy to install with a single JavaScript source for multiple sites. No need to install new infrastructure components (no impact on Business Continuity).
Easy to manage with AMT control panel and AMT daily reports.
- Customization
It is designed to integrate with any anti-fraud systems with the ability to customize the modular components such as GUI, API, and specific components.
Ability to create ad hoc components for malware detection.
Why choose AMT?
The key point of the AMT Banking Malware Detector is the new proactive approach.
AMT creates a model of Custom Signature Engine (CSE) for each online banking service.
The CSE makes it possible to perform a continuous comparison with the mutations and to identify a new threat in real time.
AMT Banking Malware Detector makes it possible to identify malware victims before they are defrauded.
Aperio Solution
Assystem Industrial Cybersecurity
Our Approach
Assystem operates at sensitive sites and on critical infrastructures in industrial and urban sectors, with an offer based mainly on the delivery and integration of turnkey system solutions. Thanks to many years of close cooperation with institutional clients, mainly Operators of Vital Importance, the Assystem cybersecurity offer is squarely focused on the industrial sector and more generally on OT (Operational Technology). Assystem is able to help its customers to implement their Information Security Management System (ISMS), and can provide support not only in project upstream phases (consulting, audits), but also with prime contracting, integration and Vulnerability Management.
Our Assets
- Expertise in OT fields. Historical know-how in automation fields (Instrumentation & Control Systems, SCADA, industrial IT, instrumentation and electronics)
- "Global security" approach. Operational security and safety (protection of data, individuals, industrial equipment and the environment)
- Multiple-sector expertise. Industry expertise in sectors such as energy, health, life sciences, transport, etc.
- Technological independence. Independence with respect to publishers and distributors of standard market solutions (COTS)
Our Solutions
- Audits and risk analysis. Assistance with military planning laws, standards, methodology
- Security for industrial architectures. Networks and applications
- Assistance obtaining accreditations. Military planning laws (Operators/Information Systems of Vital Importance)
- Integration and development of industrial architectures. Networks and applications
- Event detection and analysis/SIEM. Security Information Management System
- Vulnerability Management
BAE Systems IndustrialProtect
- Military-grade technology, originated from BAE Systems Applied Intelligence’s national security heritage, specifically designed to be fit for purpose for industrial environments - rather than an off-the-shelf IT solution adapted for operational technology
- Hardware that provides higher performance, reliability and security than solutions based on mainstream software components
- Enablement of true automation, which is a two-way exchange of information between the industrial system and corporate IT
- Network segmentation without breaking critical business processes
- Prevention of unauthorized systems from exchanging information
- Assurance that the integrity of information is preserved from source to destination
- Transparency to existing systems and a very low attack surface
- Full remote management from the industrial control system and back to the system
Bayshore Automation Defender
Bayshore Industrial Cyber Protection Platform
Platform Overview
Bayshore’s purpose is to protect industrial infrastructure – finding and eliminating existing cyber threats and risks, and preparing the organization to achieve its goals for IIoT maturity. Only an integrated, unified platform can provide these capabilities. Bayshore provides visibility to existing assets and risks, detects and eliminates new and persistent threats, and enables secure policy-controlled external interconnections. Bayshore is architected for ease-of-use, scale, and industrial resilience. No other cyber security approach even comes close to Bayshore’s comprehensive, unified Industrial Cyber Protection Platform.
What It Does
Bayshore delivers a comprehensive set of capabilities required to protect and defend against sophisticated and complex attack systems. Through our technology, industrial enterprises are empowered with safe and efficient production, operational insights, and improved business outcomes, while blocking cyber threats to industrial plants, machinery, and people.
How It Works
Identifying and protecting against cyber threats is a mandatory first step before connecting factories, electric grids, and other industrial infrastructure to the Industrial Internet. Bayshore provides visibility to existing assets and risks, detects and eliminates new and persistent threats, and enables policy-controlled external interconnections. Bayshore’s integrated, unified platform is architected for ease-of-use, scale, and industrial resilience.
Belden EAGLE20/30
- Customizable design - Interface configuration options include Fast Ethernet, Gigabit Ethernet and Symmetrical High-speed Digital Subscriber Line (SHDSL).
- Easily configurable - Customized network rules can be created in no time with Firewall Learning Mode (FLM) using the advanced Graphical User Interface available with the device.
- Secure operating system - New HiSecOS 3.0 security features, including Deep Packet Inspection (DPI), ensure the highest level of security for your industrial network.
Blade Tool Output Integration Framework
- CppCheck
- RATS
- Splint
- SpotBugs
- Jlint
Blade TOIF Integration
Integrates into Eclipse development environment:
- Execute Blade TOIF (desktop deployment) from within Eclipse with progress bar
- Automatically see defect findings in Eclipse
- Use the “TOIF Analyze” easy button in the Eclipse toolbar and in the Blade TOIF main menu
- Run it on a sub-set of project files/directories
- Filter the defect findings listed in the Blade TOIF Findings view, based on the selected project data in the Project Explorer in Eclipse
Blade TOIF Key Capabilities
- Integrates multiple vulnerability detection tools and their findings as “data feeds” into a common repository
- Addresses wider breadth and depth of vulnerability coverage
- Common processing of results
- Normalizes and collates “data feeds” based on discernable patterns described as Software Fault Patterns (SFPs) and CWEs
- Provides one prioritized report with weighted results across tools/vendors
- Uses an RDF repository and provides external Java API for additional analysis capabilities
- Integrates out-of-box with: CppCheck, RATS, Splint, SpotBugs and Jlint
- Defect Description view provides information related to the cluster, SFP, and CWE description of the selected defect instance in the Blade TOIF Findings view
- Defect findings, including citing information, can be exported to *.tsv file and subsequently imported to another Blade TOIF project
- Installation wizard, auto-detection and configuration of open source software (OSS) static code analysis (SCA) tools
- Supports load build integration to import results generated from the server/load build to the desktop
- Automated risk analysis
- Automated vulnerability detection and analysis
- Traceability
- Measurement and prioritization that make it easy to plan how to best leverage the risk management budget and resources for greatest impact
Bottomline's Cyber Fraud and Risk Management Platform
It empowers security, risk, compliance and investigative teams to:
- Dramatically improve visibility and reduce risk with cross-channel protection that leverages intelligent machine learning, rules based detection, and behavior profiling
- Stay ahead of regulations and protocols through technology infused with deep risk and compliance expertise across industries, payments types and applications
- Easily evolve your payment security program through a highly extensible and flexible platform that advances with your program as needed
Compliance. Accelerate speed to achieve regulatory compliance requirements, while decreasing complexity.
As part of the Cyber Fraud and Risk Management suite, Bottomline’s Compliance solution provides corporations and financial institutions with a powerful end-to-end offering to accelerate the speed to achieve regulatory compliance requirements while decreasing complexity.
Whether the need is around modernizing an anti-money laundering program, achieving more reliable sanctions screening, improving payments monitoring, highlighting settlement exposure, or automating suspicious activity reporting to meet regulatory requirements, Bottomline’s Compliance solution offers a modular approach to reducing the cost of compliance and increasing productivity.
Secure Payments. Protect payments across a variety of applications, channels, and payment types.
Bottomline’s Secure Payments solution protects payments across a variety of applications, channels, and payment types.
Whether it is one business critical application, channel and payment type, or a variety, our highly flexible and extensible platform delivers proven protection against payment fraud through advanced analytics of user behavior and transaction flows layered with intelligent machine learning, reducing risk for some of the largest corporations and financial institutions in the world.
User Behavior Analytics. Quickly identify and stop anomalous user activity through rich fraud analytics.
Bottomline’s User Behavior Analytics solution quickly identifies and stops anomalous user activity through intelligent machine learning, rules based detection, and years of experience protecting some of the largest corporations and financial institutions in the world.
The solution captures all user behavior in real-time across all vital systems and provides protection for both external threats in which user credentials have been compromised and internal threats from authorized users.
Powered by an analytics engine, statistical profiling of users and peer groups, alert correlation that includes predictive risk scoring and the ability to visually replay all user activity, the solution is purpose built for today’s threat landscape.
Change Tracker Gen7 R2
IT SECURITY & COMPLIANCE - PROBLEM SOLVED!
NNT’s Change Tracker™ Gen7 R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker™ Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments. Gen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. Security and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps™ is delivered and underpins effective, ongoing security and operational availability.
Change Tracker Features And Benefits
Automates CIS Controls
Spot cyber threats, identify any suspicious changes and adjust the secure baseline for all of your systems in real-time with NNT Change Tracker™ Gen7 R2. Approve changes to the authorized baseline with a simple point and click.
Breach Prevention
Ensure all IT assets are secure and breach free at all times by leveraging state of the art, recommended security and configuration hardening settings along with real-time system vulnerability and configuration drift management.
Breach Detection
Change Tracker™ Gen7 R2 identifies suspicious activity using highly sophisticated contextual change control underpinned by threat intelligence to spot breach activity while reducing change noise.
Real-Time Contextual File Integrity Monitoring
Change Tracker™ intelligently analyzes all changes in real-time leveraging the world’s largest repository of independently verified whitelisted files combined with intelligent and automated planned change rules to significantly reduce change noise and deliver a true FIM solution.
System Hardening & Vulnerability Management
Minimize your attack surface with continuous and real-time clear configuration guidance and remediation based on CIS and other industry standard benchmarks for system hardening and vulnerability mitigation guidance.
Continuous Compliance Monitoring Across all Industries
NNT provides comprehensive tailored or pre-built reports to provide vital evidence to security staff, management and auditors of the ongoing and improving state of your organization’s secure and compliant posture.
New Features and Functionality
- All new Dashboard, fully customizable with choice of widgets and multiple tabs for alternative Dashboard layouts
- ‘Single-Page Application’ design gives a contemporary, super-responsive Change Tracker experience
- New universal Query/Report controls, consistently available, enables reports to be built ‘off the page’
- New Reports Center – build and schedule any reports, with graphically-rich content, including all new Executive Report showing overall security of your estate
- ‘Expert Event Analysis’ sections for reports, with events automatically pre-analyzed to show ‘noisiest’ devices, paths, registry settings and any other monitored configuration attributes to aid decision making in your Change Control Program
- Report production now performance optimized, even large volume event reports are generated on a streamed basis to minimize impact on Hub server resources
- Report properties can be tailored – include a hyperlinked Table of Contents, Event Details table and Query Parameters, together with as many/few event attributes as required
- New Group & Device/Date & Time filter and selection control panel, selections persist for any page accessed, panel can be hidden when not in use to give a ‘full screen’ display of the Dashboard
- User-defined auto-refresh settings for all pages
- New componentized Planned Changes, allowing easy re-use of schedules and/or rulesets, driven by a new Planned
- New ‘FAST list’ planned change rule option, ensures only file changes you select as permitted, allows a user-defined list of approved file changes to be operated – like a personal FAST Cloud!
Operating at a forensic level within the IT infrastructure, Change Tracker™ works across all popular platforms such as:
- Windows, all versions including Server 2019, 2016 and Windows 10, XP, 2003/R2, Windows 7, Windows 8/8.1, 2008R2, 2012/R2 (Core and GUI)
- Linux, all versions, including Ubuntu, SUSE, CentOS, RedHat, Oracle, FreeBSD and Apple MAC OS
- Unix, all versions including Solaris, HPUX, AIX, Tandem Non-Stop
- VMWare, all versions including ESXi
- Database Systems, including Oracle, SQL Server, DB2, PostgreSQL, MySQL
- Network Devices and Appliances, all types and manufacturers, including routers, switches and firewalls, from Cisco, Nortel, Juniper, Fortinet and Checkpoint
Check Point 1200R
Features
Wide range of appliances for IT and OT networks
The 1200R Rugged Appliance complements our extensive appliance family to support a diverse range of deployment environments and meet specialized requirements in ICS security. The 1200R complies with industrial specifications such as IEEE 1613 and IEC 61850-3 for heat, vibration and immunity to electromagnetic interference (EMI). In addition, the 1200R is certified for maritime operation per IEC-60945 and IACS E10 and complies with DNV 2.4. The 1200R Appliances can also be used in commercial deployments.
Inspect Encrypted Connections
There is a shift towards more use of HTTPS, SSL and TLS encryption to increase Internet security. At the same time files delivered into the organization over SSL and TLS represent a stealthy attack vector that bypasses traditional security implementations. Check Point Threat Prevention looks inside encrypted SSL and TLS tunnels to detect threats, ensuring users remain in compliance with company policies while surfing the Internet and using corporate data.
Next-Generation Firewall
Check Point Application Control has broad support for specialized Industrial Control System and SCADA protocols with granularity for over 800 SCADA specific commands. This enables protocol-specific visibility and controls with directional awareness.
Integrated threat detection and prevention
Detect and prevent targeted attacks against ICS/SCADA components in Operational Technology (OT) environments with specific protections for these highly vulnerable, unpatched, legacy embedded systems. Our threat prevention technologies have the best catch rate in the industry and can be deployed in detect-mode to minimize the disruption of operational processes.
Best-in-class management
Administrators can define security policy for the entire network — including internal security, main sites, and remote sites — from a single, centrally located Check Point Security Management server. With SmartProvisioning™, a profile-based management approach designed for large-scale deployments, administrators can define a single security and device profile and apply it simultaneously to thousands of appliances — dramatically reducing deployment time and administrative overhead.
Benefits
- Deploy SCADA networking security in harsh environments and remote locations
- Full visibility and granular control of SCADA traffic
- Comprehensive security with SCADA-aware threat detection and prevention
Claroty Platform
- Provides extreme visibility into ICS Networks
- Identifies security gaps – including known and emerging threats and vulnerabilities
- Automatically generates current state of OT process-level communications and presents an ideal network segmentation strategy
- Detects security posture changes
- Enables proactive threat hunting with actionable threat information
- Secures, monitors, and records remote connections to ICS assets
- Continuous, real-time monitoring of OT Networks
- Rapidly discover network communications and asset details down to the I/O level
- Field Proven and 100% safe for OT networks
- Precise, periodic queries of OT and IT Assets
- Safely query ICS and non-ICS assets for enhanced visibility into asset configurations
- Enhanced context for alerts and vulnerabilities
Claroty Secure Remote Access
Secure Remote Access
SRA minimizes the risks remote users, including employees and 3rd party vendors, introduce to OT networks. It provides a single, manageable interface that all external users connect through, prior to performing software upgrades, periodic maintenance, and other support activities on assets within industrial control system networks. The system enforces password management, authentication and access control policies for remote connections and monitors and records remote sessions. Network administrators employ SRA to proactively control which users are granted access to industrial control assets, for what purpose, and during what time windows.
Key Benefits
Secure Remote Access delivers organizations the following value:
- Isolate critical industrial systems from unmanaged and insecure VPN plus “jump box” scenarios
- Eliminate one of the most critical attack vectors that threat actors have used to gain access to industrial systems -- pathways that have been leveraged in multiple ICS attacks
- Remove the vulnerability presented by sharing passwords across internal teams or teams working for external contractors
- Enable granular auditing through video-based session recordings and detailed reporting with advanced filtering options
Use Cases
- Network administrators: Have full visibility and control over 3rd party and employee accesses before, during and after a remote session takes place.
- OT Plant/Operation: Can monitor and review remote sessions and validate that the user’s stated purpose aligns with the actual session activity.
- Security Teams and Auditors: Can validate that remote access control policies are being consistently implemented in industrial environments, watch active sessions, and review recorded sessions based on a risk assessment.
ControlScan Managed SIEM
Gain visibility into attacks on your environment
Basic security measures are no longer sufficient to protect your business against today’s rapidly evolving cyber threats; this reality is made glaringly evident by the constant stream of breaches reported in the news. Traditional perimeter security technologies such as firewalls and Intrusion Prevention Systems (IPS), as well as endpoint security like anti-malware, do not provide the broad and deep visibility across your IT infrastructure needed to detect these threats. Evidence of attacks and incursions within your environment can be found in log records and machine data generated by your networked systems, security devices and applications, but how do you unlock these critical insights? Most businesses struggle with the continuous investment in technology and people required to maintain ongoing monitoring of their security posture.
The ControlScan Managed SIEM service combines enterprise-class SIEM technology from the ControlScan Cyphon platform with our deep security expertise and service excellence. The comprehensive service collects, correlates, analyzes and stores log data from network infrastructure, servers and applications in order to identify and mitigate security incidents while facilitating compliance with requirements within PCI, HIPAA, GLBA, SOX and other frameworks.
The secure, cloud-based Cyphon platform collects log data generated by devices such as firewalls, IPS solutions, servers, desktops and applications. Correlation logic is applied to the aggregated logs to identify potential security threats, and alerts are generated and sent in real time, on a 24x7x365 basis. ControlScan Security Analysts are on hand to support the assessment and investigation of critical alerts and to provide guidance on proper response.
Key features of the ControlScan Managed SIEM Service
- Log Collection for your entire IT infrastructure
- Event Correlation and Analysis leverages multi-sourced log data and advanced correlation rule sets to detect security incidents
- Prioritization and 24 x 7 Alerting
- 12 Months of Log Retention for compliance requirements, including PCI DSS requirement 10
- Reporting and Data Access available to you through ControlScan's web-based platform
- Advanced functionality, including:
  - File Integrity Monitoring (FIM)
  - Custom real-time dashboards
A Unique Solution to Solving the Security Challenge.
As the leader in providing cloud-based, unified security and compliance solutions, ControlScan offers unique value through its Managed SIEM service.
Deploy with ControlScan and get benefits that include the following:
- Security-as-a-Service – Avoid costly, up-front investments in hardware, software and technical expertise with ControlScan’s cloud-based services. You’ll be up and running quickly and effectively with an enterprise-class, scalable solution.
- A solution that gets better with time – Ongoing upgrades and enhancements to the Managed SIEM service ensure the addition of new capabilities for identifying evolving attack methods. At the same time, your ControlScan security team is continually creating and tuning correlation rules for your environment to ensure maximum visibility to true, critical alerts.
- A staff of security experts watching your back – Only the largest organizations can afford a staff of resources maintaining security and compliance day-in and day-out. ControlScan brings extensive knowledge and experience in both areas, validated by the range of IT Security, PCI and HIPAA certifications held by our team of experts. This knowledge continues to grow as threats become more advanced.
- A single solution for your biggest challenges – The ControlScan Managed SIEM service delivers functionality you need on three different fronts: 1) Security 2) Compliance 3) Operations. By collecting, aggregating, correlating and analyzing data from your environment, you gain visibility to your organization’s overall security posture, support for key controls in most compliance frameworks, and assurance of the health of your networked systems.
Corax | Cyber risk modelling and prediction platform
- Technology and Security data
- Loss data
- Real time Threat Intelligence & Vulnerability data
- Real time Business Interruption / Internet
- Commercial Information
- Custom analytics
- Clients able to modify our model to develop their own view of risk
Data, reports and modelled outputs on:
- Cyber risk of individual and groups of companies, including assessment and benchmarking of cyber hygiene and technology resilience; and prediction and expected costs of data theft and IT disruption.
- Scenarios relating to cyber events, security vulnerabilities, technologies and vendors.
Delivered via web access or API integration
Corax is the leading and largest source of cyber exposure data and predicted loss costs of breach and network outage events. Corax’s rich data foundation is created through expert selection, ingestion and analysis of third party datasets, including threat intelligence, internet performance data and loss data, and using proprietary automated discovery tools that identify detailed characteristics of the technology and security environment of individual companies and their interconnections with other companies. Modelled data is developed within a proprietary AI probabilistic engine to predict the expected cost of data compromise and IT disruption with unprecedented accuracy.
The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.