The SMB Security Challenge

Attacks are on the rise

Prevention is no longer enough

SMBs lack the time, resources & expertise to defend their organization

Do you know what is happening on your network?

74%

of small businesses have already been breached (*)

(*): Information security breaches survey, PwC (2015)

469 days

median time to discovery of an attack after the initial compromise in the EMEA region (**)

(**): M-TRENDS 2016 Report – EMEA EDITION

Tech-IT Vision:

Security is not an option

Tech-IT Managed Security Services

Accelerates and Simplifies

  • Threat Detection

  • Incident Response

  • Compliance

Unified Security Management (USM) Platform

A single platform for simplified, accelerated threat detection, incident response & policy compliance

Provides a unique, simple all-in-one approach with behavioral monitoring, SIEM, intrusion detection, asset discovery and vulnerability assessment

AlienVault Labs Threat Intelligence

Actionable information about malicious actors, their tools, infrastructure and methods, automatically updated into the USM platform.

Open Threat Exchange

The world’s largest repository of threat data provides a continuous view of real time malicious activity.

Focus on Incident Response

Tech-IT structured its managed security services around providing efficient incident response

Observe & Detect

Use security monitoring to identify anomalous behavior that may require investigation.

  • Observe what is happening in your infrastructure
    Visibility is key to taking appropriate action in response to an incident. Thanks to the USM solution from AlienVault, Tech-IT has access, in one all-in-one platform, to information about assets, vulnerability scanning results, intrusion detection, behavioral monitoring, SIEM and threat intelligence.
  • Keep up with the latest threats
    The AlienVault Labs Security Research Team provides regular updates to manage the latest threats in the form of correlation rules, vulnerability signatures, and response templates. While this may be a challenge for companies with little or no IT security staff, you benefit from the work of a team of experts who have the skills, the time and access to a large customer base to feed you with up-to-date information and detection mechanisms.
  • Be aware of your weak points
    Thanks to regular vulnerability scans and prioritization of the results based on assets and the criticality of detected vulnerabilities (a combination of ease of exploitation and impact if exploited), you will be able to evaluate which assets are vulnerable to a new attack, and to prioritize preventive actions.

Orient

Evaluate what’s going on in the cyber threat landscape & inside your company. Make logical connections & use real-time context to focus on priority events.

  • Determine scope and impact of attack
    The AlienVault Labs Security Research Team draws on threat data from the global AlienVault Open Threat Exchange (OTX) community as they research, monitor, and analyze the latest attacker tools and tactics. They convert this intelligence into new detection capabilities within AlienVault USM so your team and Tech-IT can respond efficiently.
  • Investigate source of attack
    The AlienVault Open Threat Exchange platform provides information about bad actors detected worldwide, to help identify the potential source of the attack.

Act

Remediate & recover. Improve incident response procedures based on lessons learned.

  • Implement remediation and verify
    Remediation can include many different actions (e.g. patching systems, resetting passwords, …). Tech-IT can help you dispatch remediation actions among teams, handle some of them, and verify afterwards that the actions have been implemented properly.
  • Communicate
    Internal and/or external communications are important to control the potential impact on corporate image, and also to prevent the incident from getting worse. Communication templates and strategy should be prepared beforehand.
  • Improve
    Tech-IT can help review the execution of the incident response plan in order to learn from the incident and improve the plan.

Decide

Based on observations & context, choose the best tactic for minimal damage & fastest recovery.

  • Determine which alarms to respond to according to your organization’s policies
    Tech-IT will fine-tune controls to increase or limit the generated alarms, based on your organization’s policy.
  • Determine the immediate next steps in responding to the incident
    Minimizing the impact of an incident depends on being able to take the appropriate action quickly. Thanks to the Observe & Detect and Orient phases, and to pre-agreed remediation actions, Tech-IT will help you react quickly and efficiently. Actions depend on whether or not preserving evidence should take priority over recovering quickly.
  • Document all remediation tactics planned for the affected assets
    All remediation actions will be written down to describe what has been done, by whom and when. This incident response audit trail will help you review and improve the incident response plan, communicate internally and reach compliance.

“For its powerful, mature feature set, performance and superior value we make this our Best Buy.”

Peter Stephenson,
Technology Editor, SC Magazine

Highest rating in the SC Magazine SC Lab team review, 2017

Only company to be named “Visionary” in the Gartner SIEM Magic Quadrant in 2013, 2014, 2015 and 2016

QUESTIONS? Call our support team at + 352 26 67 64 90
