Managed Security Services

Managed Security Services AKA Security-as-a-Service or Cloud-Based Security Services


Compliance support for any of a number of regulations and industry standards, including PCI, FFIEC / GLBA, SOX, HIPAA and more. We have deep expertise in compliance and can help you navigate the complexity of these mandates.


Zero capital investment with long-term reduced, predictable costs.

PCI Approved Scanning Vendors (ASV)







Security and Compliance Solutions, delivered 'as a service'

Simplify IT security and compliance management by delivering Security-as-a-Service consisting of advanced security tools integrated with 24x7 expert security services.


Security-as-a-Service: components

Advanced Security Tools

Intrusion detection, log management and vulnerability assessment tools that are on-demand, highly scalable and pay-as-you-go.


Expert Security Services

24x7 Security Operations Center provides monitoring, analysis and expert guidance services by certified analysts who act as an extension of your IT team. Additionally, our in-house security research team constantly investigates the newest vulnerabilities, develops the latest threat correlation rules and deploys them globally to automate network sensor tuning.


“As-a-Service” Delivery

Day-to-day management of security infrastructure and operations, including support and maintenance, to minimise head count and budget impact. On-demand availability with integrated provisioning and decommissioning processes.


Wherever IT Goes

Multi-tenant architecture, scalable platform and multiple deployment options enable seamless integration of security and compliance solutions to address customer security needs in on-premise, hosted or cloud environments.


Ensuring Compliance

Visibility to accurately identify and prioritise security incidents based on a broad threat picture.




VMware Security

Managed Security Services for VMware, vShield and vCloud Air, whether your deployments are on-premises, in a public cloud (multi-tenant, like vCloud Air, AWS, Azure), in a private cloud or hybrid.




DDoS (Distributed Denial of Service) Monitoring - Detection - Mitigation Service

24 / 7 monitoring and mitigation.

DNS & BGP redirect site service.




Data Traffic Cleaning Service




Data Loss Prevention (DLP)

Network, email, web traffic, large file transfer and storage data checking for sensitive data. Encrypt any sensitive data.



Web Application Firewall (WAF)

The best way to protect web applications is with a Web Application Firewall, or WAF. WAFs interrogate web traffic in context with how web applications work and identify everything bad, even traffic coming from a known, good source. So why doesn’t everyone have a WAF? Because monitoring, managing and tuning a WAF so it only identifies that bad traffic is hard.



Centralised Security Device and Platform / Policy Management

Centrally manage all on-premise and cloud-based (including Amazon) firewall and other security device or platform policies. Streamline the audit preparation process, provide proof of compliance and reduce costs.





Sandbox / File Analysis Service

Combined proactive threat intelligence and security professionals.




Malware Protection

Provide up-to-date protection against the latest viruses, trojans, worms, spyware, bots, social engineering techniques, phishing attacks, blocking dangerous and fraudulent links, including phishing and malicious websites.



Application White Listing

Nothing is allowed to run or execute on your devices or systems except for the applications in your 'white list'.






Anti Virus
 





 
Cloud-Based Anti-Virus Protection

Security, visibility and control for all your:

  • PCs, Macs
  • Mobile devices
  • Endpoints (servers, desktops, laptops, storage)




Intrusion Detection & Prevention (IPS)




Firewall Management

Proactive Management

Hands-on monitoring, configuration management and appliance health and status checks result in proactive response, detecting and resolving any issues before they impact network availability and business operations.


> Device provisioning and deployment

> Device upgrades and configuration, including policy and patch management

> Security event and appliance health monitoring
> Managed appliance backup and restore

> Portal-based service reporting

> Unlimited support





Log Monitoring

24x7 real-time analysis of logs and alerts from security devices, network infrastructure, servers and other key assets by certified security experts.

A flood of events cross your network hourly, but most of those events are irrelevant. The daunting task for you is to identify the significant events that pose a security risk to your information assets so you can respond to them in real time, before a compromise occurs.

You have probably invested in a variety of technologies, such as network firewalls, IPS/IDS, VPNs, routers and switches to detect events. Every security appliance, business-critical system, noncritical server and endpoint in your organisation generates extensive logs daily. These raw logs need to be monitored continuously, analysed and correlated to filter out false positives in order to identify real security events of concern. This requires dedicated, skilled resources around the clock to review and interpret all the logs and alerts in all the different formats generated by your infrastructure.

Log monitoring service monitors, correlates and analyses logs and alerts across virtually any security technology and critical information asset, 24x7, to identify anomalies and respond to threats in real time. Deeply skilled security experts.




SIEM (Security Information and Event Management)

24x7x365 security operations centres monitor your auditing devices and notify you of threats and compliance risks. Various service levels are available to meet differing requirements. Service may include managed log management appliances, monitoring, and staff augmentation for management of other SIEM solutions too. 





Log Retention

Collection, archival, search and reporting of raw log data from security devices, network infrastructure, servers and other log sources.



Log Management

Alerts: prioritised by business risk

Faced with a continuous deluge of security log and alert data, it can be difficult to cut through the noise to focus on the threats that matter most to your organisation.





Vulnerability Scanning

Find, fix and remediate vulnerabilities

Vulnerability Management technology to perform highly accurate internal and external scan audits across:

  • Network devices
  • Servers
  • Web applications
  • Databases
  • and other assets in on-premise and cloud environments.




Database Vulnerability Scanning

  • Microsoft SQL server
  • Microsoft SQL Azure
  • Oracle
  • Sybase
  • MySQL
  • IBM DB2
  • Hadoop






Web Application Vulnerability Scanning
  • Scanning of Web applications to identify and remediate vulnerabilities.
  • Comprehensive Web application scanning for internal and external web applications
  • Scans Web applications hosted in physical, virtual and cloud environments
  • Detects sensitive content in HTML (such as credit card numbers, SSNs and custom strings)
  • Finds OWASP Top 10 and WASC Threat Classification security risks
  • Supports dynamic and rich UI technologies, including JavaScript & Flash
  • Tests all entry/attack points, including cookies, referrer, URL parameters, form fields and directories
  • Provides performance tuning and scheduling options
  • Supports blacklisting and white-listing of IPs and URLs
  • Profiles Web applications to reduce false positives
  • Catalogs and tracks status of scanned applications




PCI Scanning

  • Certified Approved Scanning Vendor (ASV) authorised to provide PCI scanning and compliance reporting as specified by PCI Data Security Standards (DSS).  
  • PCI DSS approved scanning - automated / subscription based service. 
  • On-demand service - Set up is simple and can be completed within minutes through a secure web connection from any browser.
  • Identifies and helps you remediate vulnerabilities detected by the scanning, submits PCI scanning compliance reports directly to your acquiring bank(s), and enables you to complete and submit SAQs online.
     





    ISO27001 / 2 Managed Service

    Helping you attain and maintain ISO27001:2 security standards. Professional services, providing on-going reviews to drive continuous improvement to the security management system.

    Raises the level of security and awareness of best practices through continuous training.





    Security Systems Testing & Penetration Testing

    Automated - on-demand - subscription based - remote and independent services

    External and internal scanning of systems (databases, operating systems, software, servers, routers and switches, DDoS, firewall, access control systems, VPN, IPS, wireless, VoIP, IPv6, email and much more).




    Mobile Application Security & Performance Testing






    Access Control

    Context-Based: Remote, Cloud, Role, Privileged Users, Identity, Network, Application, Data and VPN - Based Access Control
    • Control access to your systems, even from bring-your-own-device (BYOD) endpoints.
    • Support of BYOD: automated detection and restriction of non-compliant devices based on device type, vulnerability assessment, potentially malicious behavior or infection.
    • Management of existing NAC solutions, or the implementation and management of a new solution provided by SecureNet Consulting.
    • Seamless, agent-less deployment with "dissolvable agent"
    • Access control based from Microsoft Azure.




    Authentication
    Cloud-based delivery and self-service administration with seamless management. With low, per user fees, our solutions are easy to provision and inexpensive to maintain, supporting any use case including: network or application authentication from the corporate desktop, remote locations, employee laptops and mobile devices, such as smartphones and tablets.


    Multiple Authenticators

    Users are given a choice of device and authentication method each time they log in. We allow for choice and flexibility, creating an authentication solution that works for everyone in your organisation. Supports all phone types - from smart phones (on all platforms) to landlines - and lets users authenticate using any of the following:

    • Push - Push notification for login request approval/denial
    • Mobile - One-time passcode generation via mobile application
    • Voice callback - Push button authentication
    • SMS - One-time passcode sent via SMS text
    • Digital certificates - issued user authentication certificates





    Web / Internet Gateway Security
    Address compliance, security and employee / work force performance.

    Filter and apply policy to Internet data traffic - cleaned in the cloud. Away from your network, no hardware, software or maintenance costs incurred on-premise. Reduces business bandwidth consumption.

    Protects any user, in any location, on any device, all based on a single policy that moves with the user.

    Web data security deals specifically with security of anything that interacts with or across the Internet (websites, web applications, social media, web services, web email).
    • Web content filtering and web policy enforcement to protect against inbound and outbound web-borne threats.
    • URL filtering: filter content that contains malicious URLs.
    • Data Loss Prevention: outbound inspection of content and files to effectively manage confidential data and help meet regulatory compliance and industry requirements.
    • Anti-Malware, Virus and Spyware Control




      Email Security Services
      • Email content filtering and email policy enforcement to protect against inbound and outbound email-borne threats.
      • URL filtering: filter email content that contains malicious URLs.
      • Data Loss Prevention: protects an organization from liabilities associated with privacy and data security regulations including HIPAA, GLBA, PCI, SEC rules, and many more.
      • Inspection
      • Encryption
      • Outbound content inspection on emails and attachments to effectively manage confidential data and help meet regulatory compliance and industry requirements.
      • Dictionary-based content, regular expressions and weighted keyword matches.




      Email Encryption






      Endpoint Security
       
      No server and no maintenance required.

      Managed Endpoint Security Protection for everything from network, laptops, desktops, tablets, mobile (Android and iOS) and servers to point-of-sale devices, ATMs and kiosk devices.

      Includes both physical and virtual endpoints.





        Password Management



      Encryption Services

      Managed encryption servers / service.

      • Full disk
      • Removable media
      • Email encryption
      • Email attachments
      • PKI key management
      • Virtual servers
      • Cloud locations
      • Databases
      • Storage






      Cloud Data Storage, Backup, Microsoft Azure, Data at Rest Encryption






      SSL Inspection / SSL / TLS / HTTPS Decryption & Re-encryption





      PKI Key Management Service





      Cloud Key Management
      • Cloud security requires cloud-based key management
      • Take control of your encryption keys and cloud security




      Managed Unified Threat Management


      Unified Threat Management (UTM) solutions protect organisations from breaches and malware attacks with a single, integrated solution that manages multiple layers of network security defense. A single appliance simplifies the simultaneous orchestration of various security tools such as:

      • IPS / IDS
      • Network firewall
      • Email and web anti-virus
      • Anti-spyware
      • Email and web content filtering
      • Rogue Device and Wireless Access Point Detection
      • Internal Vulnerability Scanning
      • Virtual Private Networking
      • Wi-Fi / 4G Hotspot


      However, if the system is not installed and configured appropriately, if patches and upgrades are not deployed in a timely manner, and if security events are not monitored vigilantly, it can become a single point of compromise.


      Reduce administrative burden

      A UTM system must be installed with proper configurations and updated regularly to be effective against threats. Managed UTM service simplifies and streamlines the deployment, management and monitoring of your UTM appliances, giving you peace of mind that your network and information is protected and freeing up your resources to focus on other business priorities.

      Initial deployment is painless. Our security experts configure and install the UTM appliance remotely, with limited on-site support from your staff.

      Security software patches and upgrades are deployed remotely, with no or minimal interaction from your staff, to ensure your organisation is protected against new threats. Policy and rule-set change requests are managed. Device health is monitored to help you minimise disruptions that could result in exposure to breaches.


      Protect your network and data 24x7

      UTM log data must be monitored vigilantly to protect your organisation against known and emerging threats. The Managed UTM service monitors UTM event logs 24x7 to identify security events and detect malicious activity before damage is done.


      Respond to malicious threats effectively

      Managed UTM service provides real-time event analysis, insight and actionable information based on your thresholds, rules and escalation preferences around the clock via the Customer Portal. All you need to do is review event analyses, categorised by severity, in real time or at regular intervals, and respond in a timely fashion to protect your organisation from threats quickly and accurately.





      Incident Response Service

      Respond to major security breaches and malware outbreaks


      The Incident Response Managed Service provides remote and on-site investigation to help organisations mitigate their impact and quickly restore business as usual.

      Gather forensic data from a range of physical devices (network, computers, tablets, smartphones and other mobile devices), logical volumes, memory, volatile data and network traffic.





      Security Professional Services


      > Cloud Security - Professional Services

      > Managed Application Control Service


      > eDiscovery
       

      > Computer Forensic Services & Training
      (Performed either on-site or remotely. Addresses network intrusions, virus analysis and fixes.)

       

      > Server and Desktop Audit
      Your company is responsible for maintaining confidentiality, integrity, and availability for both your customers’ and your own data. Like others, you also must comply with a growing body of data protection regulations.

       

      > Vulnerability Assessment & Report Service
      Automated & Manual Services - assess all aspects of your network infrastructure, security systems and where your data resides.

      > Social Penetration Engineering Services

       

      > SCADA Systems Security: Penetration Testing Service
      > Network Testing
      Ethernet, routers, switches, protocols, VoIP, video, wireless, storage, iSCSI, Fibre.

       

      > Mobile Code Testing
       

      > Oracle Security Services



      > Virtual Systems / Datacentre Testing

      > Cloud Network and Cloud Application Testing

      > IPv6 Testing