CORE Resilience  Threat Monitoring as a Service

"SANS estimates that over 80 percent of cyber security incidents exploit known vulnerabilities, and the annual Verizon Data Breach Investigation report shows similar numbers. Gartner comes in much higher, estimating that “through 2020, 99 percent of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year."

While attacks that exploit zero-day vulnerabilities tend to get the most press coverage, data shows that attacks that exploit well-known vulnerabilities cause the vast majority of business damage.

PROACTIVELY FIND OUT WHERE YOUR IT SYSTEMS ARE VULNERABLE TO THE LATEST THREATS & HOW TO PROTECT THEM

We propose moving away from manual network assessments to an Automated Vulnerability Management program or Threat Monitoring Service in order to bring more accuracy and automation to your IT security and regulatory compliance assessments.

CONTINUOUS THREAT MONITORING ensures visibility of your Network on a continuous basis for any network change that could leave you exposed…

EXTERNAL VULNERABILITY MONITORING

EXTERNAL VULNERABILITY MONITORING forms the base of the CORE TM service and is provided on a “PER-IP/PER –SCAN” enrolment model.

INTERNAL VULNERABILITY MONITORING

With the commissioning of local server agents and/or central scanning appliances, we will extend the vulnerability monitoring service to your local internal DMZ and server hosted ranges.

WEB APPLICATION SCANNING

Web Application Scanning is the process of scanning web and application hosting services for potential threats and exploits, this service complements the base Vulnerability Monitoring service and will identify cross vulnerability association.

POLICY COMPLIANCE

Collect and report on security and compliance audits tied to policies, laws and regulations. Get automated security configuration assessments on IT systems throughout your network. Reduce risk & continuously comply with internal policies and external regulations.

REPORTING

Receive scheduled monthly reports on vulnerabilities and threats detected on your system and get recommended fixes.

THE CORE TM SERVICE IS A PROFESSIONAL SECURITY SERVICE THAT ENABLES CONTINUOUS THREAT MONITORING OF YOUR CRITICAL BUSINESS SYSTEMS.

The CORE Resilience Threat Monitoring (TM) service is built on a platform of integrated services that provides businesses with continuous management of network security, web application security, threat protection and compliance monitoring.

This professional service was specifically designed to proactively and continuously monitor your external and internal perimeter services for exploitable vulnerabilities or threats.

With utilising the TM service, your perimeter facing systems will PROACTIVELY be assessed and monitored for new vulnerabilities.

EXTERNAL VULNERABILITY MONITORING

Utilising the most comprehensive Public and Private Vulnerabilities databases available, the enrolled IP addresses will on schedule, be scanned from external sources and mapped to your networks to determine if they are vulnerable to the latest threats and vulnerabilities.

Discovered vulnerabilities will trigger a THREAT MITIGATION response, which includes pro-active notifications to your security team with detailed remedial information.

INTERNAL VULNERABILITY MONITORING

With the commissioning of local server agents and/or central scanning appliances, we will extend the vulnerability monitoring service to your local internal DMZ and server hosted ranges.

In addition to the functionality provided by the external scanning the Internal Scanning can also assess the Patch and Policy status of your Microsoft Systems, providing critical information on the security status of your internal servers.

This service is not intended to replace your existing patch management systems, but will extend the detailed threat and patch information to your existing patch management processes.

WEB APPLICATION SCANNING

The Web Application Scanning service will specifically target external facing websites and application servers. The threats identified through this service will be incorporated with the External and Internal Vulnerability monitoring details ensuring swift remedial action.

POLICY COMPLIANCE

With Policy Compliance, we can incorporate existing Threat information with system health, patch status and application information.

You will be able to report on, monitor and maintain your Systems Security Compliancy utilising one central source of information. Scheduled and On-demand reports will be provided to ensure that you always know the status of Policy Compliance within your network.

REPORTING

You will receive notifications from our security team informing you of any newly discovered vulnerabilities and will immediately trigger a proactive remedial plan detailing the corrective actions required to mitigate these threats before they can be compromised.

SCHEDULED - Monthly scheduled reports of existing and newly discovered threats will be provided. These reports will include the remediation recommendations and actions required to mitigate the potential Threats and will be compared to previous results in order to track the mitigation progress.

Requirements for security workshops will be established in order to discuss the required response and remediation plans.

ON DEMANDreports will be provided with the generation of exception events, these events could be related to the discovery of new threats and vulnerabilities; or general health status changes providing insight on remediation changes that may have occurred. The On Demand reports are also available on request if particular information is required for feedback to business or security investigations.

MONTHLY SERVICE  COSTING

One (1) external IP address can be enrolled and categorized as: one (1) ENROLLED host, the following service(s) will be enabled for assessment:

  • VULNERABILITY MONITORING;

  • WEB APPLICATION SCANNING;

 

Enrolled hosts are assessed and scanned monthly, quarterly or on-demand and includes the following professional services;

  • Monthly reporting on previous and current vulnerabilities;

  • Includes two (2) INTERNAL host IP addresses that could be target to assess separate internal servers or hosts;

 

Additional INTERNAL hosts can be enrolled at a reduced “INTERNAL host” cost in order to extend the Vulnerability Monitoring laterally.