Defensive security is a type of cybersecurity that aims to protect the organization under any circumstances, from analysis of the current network through to complete protection of the network infrastructure, by designing a security plan that guarantees the success of any integrated security controls.
"Never accept the way things have always been done as the only way you can do them." - Anonymous
TRACKING AND RESPONSE TO TARGET ATTACKS AND POTENTIAL MALWARE
Traditional endpoint defenses are no longer effective against new threats; they were never designed to deal with sophisticated attacks or advanced persistent threats (APTs).
Auditech is committed to combining the best of traditional security products with an added layer of threat intelligence, as the most reliable solution to analyze and respond to all types of threats. We use FireEye technology to protect the workplace.
FireEye Endpoint technology uses a signature-based Endpoint Protection Platform (EPP). Where there are no known signatures for a threat, MalwareGuard uses machine learning, powered by real-time intelligence databases.
To deal with advanced persistent threats (APTs), a behavior-based detection and response engine (heuristics) is used. It identifies abnormal behavior in the software running on the equipment and provides a response to the possible issue.
Finally, an Indicator of Compromise (IOC) engine, kept up to date with real-time intelligence, is used to find hidden threats.
The most common attack vector used by cyber-criminals today is email. The threats are many: malware and advanced persistent threats (APTs) arrive in the form of URLs linked to fraudulent sites that steal access information, infect the computer and spread across the organization's network.
Auditech bets on FireEye Email Security Cloud Edition. This solution can be integrated with the most popular cloud email providers, such as Office 365 and G Suite.
FIREEYE'S EMAIL SECURITY SOLUTION HAS THE FOLLOWING FEATURES
- End-to-end safety for incoming and outgoing mail
- Consolidates the email security stack with a complete single-vendor solution
- Integrates with any third-party email provider
- Provides information about the attack and the attackers from FireEye Threat Intelligence Center
A firewall is a perimeter security device installed in the network that offers multiple security functions in a single appliance, either fixed or virtual.
Auditech relies on Fortinet as a world leader in network security and incorporates it in its platform:
- Advanced Routing (RIP, OSPF, BGP)
- Network and application firewall
- Navigation and content control
- VPN Concentrator (IPSec & SSL)
- IPS & IDS
- WiFi network security
- LDAP and RADIUS integration
- Full-availability support
- Virtual Firewalls to protect different environments
Network Access Control
NAC or "Network Access Control" solutions allow you to define policies that all devices must comply with before connecting to the company's network. Devices (both fixed and mobile) that do not comply with the established policies will not be able to interact with the network. This way, those devices are isolated on a preventive basis until the non-compliance is resolved.
NAC solutions complement Firewalls because, once the perimeter security barrier has been breached, NAC acts as the network's own access control.
This provides control over all elements accessing the network, regardless of their nature, along with real-time detection.
A company's most valuable asset is its information
In the last few years, we have seen information move around and be stored in systems without control. In the past, we kept the documents themselves, so we could either keep the confidential information locked up or destroy the documents if needed.
Today we use DLP or "Data Loss Prevention" solutions that aim to monitor the flow of documentation to avoid information leaks. We have 3 different DLP solutions with the same objective:
- The Network DLP monitors, tracks, and reports on all traffic flows in the company's network.
- This system controls access to confidential files stored and shared inside and outside the company's network; the files are monitored and their access control is customized.
- They are installed on the workstations and devices used by the company's employees. They monitor and prevent the release of sensitive data through channels where it can be shared (private clouds, email, FTPs…)