Pro-Active Readiness Program (PRP)

A proactive, comprehensive and customised readiness program that significantly improves the organisation's security posture and its readiness maturity to face an incident. It includes a risk assessment with actionable recommendations for:
(1) Firewall
(2) Active Directory
(3) Email-security & DNS
(4) OSINT analysis of top-10 most targeted mailboxes
(5) Network Architecture Security
(6) Incident Response Simulation Training (ISRT) at both the IT technical operations level and the managerial level.

Managed Detections (Active Monitoring)

• Constant support to improve readiness for cyber attacks
• 24x7 alert monitoring and notifications
• Triage: qualification and validation of alerts
SOC (MDR) ✓
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓

Response

• Block suspicious activities on specific compromised hosts
• Respond via remote access and explore via scripts
• Quarantine suspicious messages and network-contain specific hosts
SOC (MDR) ✓
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓

Threats Management

• Threat Hunting (Manual/Semi-Automatic)
• Threat Intelligence
SOC (MDR) ✓
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓

Standard Incident Response (IR)

Network-wide attack vector investigation, including:

• Search for suspicious events, artifacts and IOAs.
• Remove planted persistence, malware artifacts and malware-less activities on all endpoints, servers and networking equipment, including AD & FW.
SOC (MDR) ✖
SOC (MDR) + Standard CS-IRT ✓
SOC (MDR) + Comprehensive CS-IRT ✓

Comprehensive Incident Response (IR)

Advisory to top management on common dilemmas in multiple critical aspects during and after the attack, i.e.:

• Status and information sharing during and after the attack with employees, customers, suppliers, media, law enforcement...
• Operational decision on whether to shut down part or all of the operation during the attack, in parallel with our IR process
• Ransomware negotiation with hackers
SOC (MDR) ✖
SOC (MDR) + Standard CS-IRT ✖
SOC (MDR) + Comprehensive CS-IRT ✓