Cyber Protection as a Service (CPaaS)

With Cyber Protection as a Service (CPaaS), we help organizations of all sizes build cyber-security capabilities and maintain compliance. Our partnership with Darktrace, the world’s fastest growing cyber defense company, expands our counter-threat capabilities to detect and prevent attacks.

Why CPaaS?

  • Use AI/Unsupervised Machine Learning to automate cyber threat detection and response in real time
  • Improve the security posture of your organization and help detect both advanced threats and malicious insider activities
  • Track anomalous activity for devices in real time and alert your IT operations team when the anomalous activity reaches a threshold that warrants investigation
  • Autonomously quarantine specific device behaviours that are deemed dangerous to the network

NIST Framework with Darktrace

Ensured Security partnered with Darktrace for a new, innovative approach to cyber defense. With the CPaaS service, our primary aim is to use the NIST framework to provide concrete guidance on how to measure and improve an organization’s cybersecurity. Presented below are the activities and outcomes that can be achieved by implementing Darktrace within your organization.

Identify

  • Visibility of the network provides a powerful visualization of all active devices for the last 7 days, with the ability to detect devices that may be overlooked in the initial inventory, such as IoT devices
  • Visibility into software and applications, with a view on comparison and compliance
  • Visibility for connections to cloud services
  • View of data flow on the network
  • Visibility into internet and external information systems, highlighting unusual activity
  • Prioritization of resources
  • Visibility to conduct initial triage and to identify incidents while protecting the privacy of employees and other users on a network
  • PCAPs, metadata, and logs are stored for a period of time to allow review of data
  • Assessment of cyber security risk by continually monitoring networks for anomalies and compliance breaches
  • Respond to risks posed by malicious actions

Protect

  • Full network visibility of unusual and unauthorized use of user credentials
  • Highlight of unusual activity over remote access connections
  • Highlight of unusual access to resources, both where authorized access may be misused and where unauthorized access is attempted
  • Highlight when segregation is broken by unusual connections
  • Visibility over the encryption state of data in transit
  • Highlight of potential data leaks and precursors
  • Highlight of unusual or unexpected connectivity between development, testing and production environments
  • Check of compliance with baseline configurations which have effects on network activity
  • Learns the behavior of authorized vulnerability scanning activities and can
  • Visibility and retention of data and metadata
  • Visibility over remote maintenance activity

Detect

  • 24/7 Security Operations Centre service - Early investigation and triage of cybersecurity incidents as part of a response plan
  • Viewing, triaging, and investigating notifications. Alerts can also be sent to SIEM systems
  • Analysis services include the communication of observed and potential impact of investigated incidents
  • Powerful forensic tool, retaining metadata about the network’s past activity and some raw data from past connections
  • Highlighting of cyber-threats in their early stages, allowing the security team to contain them
  • Ability to stop or slow a developing cyber-threat, helping to contain and mitigate it

Recover

  • Visibility into the network during recovery, and highlighting of continued or newly unusual activity if the state has not been returned to normal. During normal operation, Darktrace’s understanding of the network continuously learns and evolves to assist in restoration after a given event
  • Darktrace’s Threat Visualizer can be used as an analytical tool to examine past activity and timelines on the network and aid in learning about both remediation and recovery effectiveness