IT Security Pro (Oct 2021) - Netbull Early Warning Intrusion Detection Service
At a time when everything is being digitized and transformed, businesses as well as public organizations are facing a great danger that can be fatal for them: cyber-attack.
According to a recent report by Checkpoint, with 81% of businesses having adopted remote work for the majority of their employees and 74% planning to implement remote work permanently, organizations worldwide are expected to face more sophisticated cyber-attacks such phishing campaigns, double-extortion ransomware attacks, etc.
NEW Early Warning Intrusin Detection Service from Netbull
by Nikitas Kladakis - Netbull CEO
Therefore, it is understood that traditional security solutions do not have the capacity, scale and speed to keep up with the increasing risks in cyberspace, resulting in an increasing need for Early Warning Intrusion Detection Services, with the possibility of intervention to deal with them (Managed Detection and Response).
As a pioneer in the field of information security, Netbull provides modern Early Warning Services, by real time monitoring its customers' digital infrastructure, through its state-of-the-art Cyber Security Operations Center (I-nSOC).
The Early Warning Intrusion Detection Services, (based in SOCRadar), collects and processes millions of threat data from vast databases, matching all relevant information of an organization, with its digital footprint such as e.g. IP addresses, DNS names, etc. Every info received is related to the organization, and not to an incident that occurs in another organization somewhere on the internet.
This service is divided into three (3) basic modules:
External Attack Surface Management
This service helps organizations to obtain in an automated way, the image of their digital fingerprint that hackers see, and can exploit any vulnerabilities. Through the advanced tracking algorithms used by the service, the organization has a direct picture of all the technological assets used on the internet, such as e.g. IP, DNS, Domain etc.
Corporate Risk Management
The corporate risk management service scans the entire internet by associating intelligent information to detect leaks on the Dark Web, phishing domains, malicious mobile applications, etc. This allows organizations to immediately and effectively understand the risks involved in digital transformation and the actions they need to take to eliminate them.
Cyber Threat Intelligence
Threat Intelligence or Threat Feeds, as they are widely known, enhance an organization's defensive line as an additional tool for the immediate detection of known advanced attacks, the "known-knowns". Therefore, this service directly assists Incident Response Teams in quickly identifying and responding to threats.
Thus, in case of detection of any threat, all the necessary information from these modules related to the attack, are forwarded to the Netbull eASIS platform (based on IBM QRadar), to be analyzed by the IBM QRadar Advisor with Watson. Then our analysts, having the full picture of the security incident, through the SOAR platform we have, take action and perform the necessary tasks to suppress it.