Netweek Special Edition (Oct 2021) - Early Warning Services
At a time when everything is being digitized and transformed, businesses as well as public organizations are facing a great danger that can be fatal for them: Cyber-attacks.
NEW EARLY WARNING INTRUSION DETECTION SERVICE FROM NETBULL
by Nikitas Kladakis - Netbull CEO
According to a Checkpoint’s recent report, 81% of companies having adapted remote work for the majority of their employees and 74% planning to implement remote work permanently, and the organizations worldwide are expected to face more sophisticated cyber-attacks: Campaigns Phishing campaigns, double-extortion ransomware attacks, etc.
Therefore, it is understood that traditional security solutions do not have the capacity, scale and speed to keep up with the increasing risks in cyberspace, resulting in an increasing need for Early Warning Intrusion Detection Service, with the possibility of intervention to deal with them (Managed Detection and Response Service).
As a pioneer in the field of information security, Netbull provides Early Detection and Threat Warning services, monitoring its customers' digital infrastructure in real time through its state-of-the-art Cyber Security Operations Center.
The Early Detection and Warning Service (based on SOCRadar), collects and processes millions of threat information from huge databases, matching all relevant information of an organization, with its digital footprint such as e.g. IP addresses, DNS names, etc. Every update received is related to the organization and not to an incident that occurs in another organization somewhere on the internet.
This service is divided into three (3) basic modules:
External Surface Threat Management
This service helps organizations to obtain in an automated way, the image of their digital fingerprint that hackers see, and can exploit any vulnerabilities. Through the advanced tracking algorithms used by the service, the organization has a direct picture of all the technological assets used on the internet, such as IP, DNS, Domain etc.
Corporate Risk Management
The corporate risk management service scans the entire internet by associating intelligent information to detect leaks on the Dark Web, phishing domains, malicious mobile applications, etc. This allows organizations to immediately and effectively understand the risks involved in digital transformation and the steps they need to take to eliminate them.
Intelligent Threat Information
The well-known Threat Intelligence or Threat Feeds services enhance an organization's defensive line as an additional tool for the immediate detection of "known-knowns" advanced attacks. Therefore, this service directly assists Incident Response Teams in quickly identifying and responding to threats.
Thus, in case of detection of any threat, all the necessary information from these modules associated with the attack, are forwarded to the Netbull eASIS platform (based on IBM QRadar), to be analyzed by the artificial intelligence service IBM QRadar Advisor with Watson. Then our analysts, now having the full picture of the security incident, through the SOAR platform we have, take action and perform the necessary actions to suppress it.
You can read the article (in Greek) at page 45 of the digital maganize by clicking the following link: