Cloud Security and Governance – Mind the Security Gap
Cloud Security and Governance – Mind the Security Gap Workloads are migrating to the Cloud with…
READ MORE
Multi-layered defence in depth
Secure-ISS’s security services division backed by our Security Operations Center (SOC), provides a range of security solutions, which when layered across an organisation assist our clients to build a defense-in-depth cyber security posture.
Our Security services offering is extensive and has been created to allow Secure-ISS to customise the service based upon a customer’s size, compliance and governance requirements, and existing security posture/maturity level. During our initial engagement, we determine a client’s requirements via a number of metrics with a focus on the current security maturity of an organisation.
Essentially, our services and solutions are grouped into three over-arching security postures Essential, Advanced and Leadership. Each grouped posture is multi-layered in relation to the security services delivered and the approach taken. The services and posture groups are outlined below. Although all the listed solutions may be applicable to a larger business, smaller entities may not require all solutions based upon their particular use cases, budget and operating environment.
Solutions within the “Essentials” group are critical for any organisation to achieve a baseline multi-layered security position.
-
Network/ Endpoint Forensics
-
Cloud Access Security Broker (CASB)
-
Threat Intelligence Platform (TIP)
-
Security Operations, Analytics and Reporting (SOAR)
-
End Point Detection and Response Solutions
-
User and Entity Behaviour Analytics (UEBA)
-
Application Security Testing.
-
Continuous Monitoring (including Behavioural, SIEM, FIM)
-
Web Application Firewall
-
Privilege Account Management
-
Identity and Single Sign-On Solutions
-
Multi Factor Authentication mechanisms
-
Network IPS
-
Secure Web Gateway
-
Application Whitelisting
-
Least Privilege
-
Process – Incident Response
-
Backup, Disaster Recovery Policies and Solutions
-
End Point Protection
-
Edge Protection (NGFW/ UTM)
-
Mobile Security (i.e. MDM and Personal VPN Solutions)
-
Process – Vulnerability Assessment, Patching Policies and Solutions
-
Email Security Gateway (protecting one ingress point)
Our 'Defence in Depth Posture' solutions.
Penetration Testing
Penetration Testing Penetration testing is essentially recreating malicious attacks in order to exploit and identify gaps…
Vulnerability Management – Assessment and Patching
Vulnerability Management – Assessment and Patching An effective Vulnerability Assessment (VA) approach Organisations are most likely…
MDR – Managed Detection and Response
Managed Detection and Response (MDR) What is a Managed Detection and Response service? Managed Detection and…
EDR – Endpoint Detection and Response Solutions
Endpoint Detection and Response Solutions – EDR / XDR / MDR Endpoint Protection Platforms (EPP) are…
SOAR – Security Operations, Analytics and Reporting
SOAR – Security Operations, Analytics and Reporting Orchestration and Automation of incident response are key elements…
