INCIDENT RESPONSE AND REMEDIATION

Ages ago wise people said that the invention of the shield is always coming after the invention of the sword. Despite the point that it is impossible to predict the next potential vulnerability - it is doable to detect signs of an initial attack. Differentiate it from the noise of the day-to-day alerts flood. Every organization requires the highly skilled team of security experts to protect their data assets, however, it is tough to afford such team, especially if the business or organization that serves for different IT industries. As a result of that, many organizations have invested in a collection of on-premise and cloud-based security technologies, but they need the expert to unlock the full benefit of their investment. We know cases of a wrong understanding of cyber security organization that leads to the ridiculous restrictions, which almost blocked the business operation. In other cases, the delay with the reaction or lack of understanding of the alert gave the intruders the chance to build their own playground and wipe out all signs of their presence, until the impact was done.

To address all these challenges, we are providing the approach, which helps businesses and organizations actualize their ability to early detect, timely investigate and finally react against the threat. We are helping to create the proper organization unit, which will be properly staffed and instructed. The approach is based on proven best practices and methodologies, focused on the effectiveness of the key cyber security asset of the company - their staff. There are 2 main objectives for us:

1) decreasing the risk and impact of any cyber security threat for the company or organization

2) increasing the efficiency of the team and the solution.

PROTECTIVE MONITORING

The Protective Monitoring Service is required for the repeatable scans of the organization’s or solution's infrastructure. The service is looking for unusual patterns of behavior to detect suspicious events, in real time 24x7x365.

Normally, the service can be provided from one of our Security Operating Centres (SOC). However, there are customers that would like to use their own SOC.

Certain clients require deeper analysis of the cyber threat to their IT infrastructure. It can be established by Advanced Threat Investigation service. Building on top of the Protective Monitoring, it identifies new, sophisticated attacks. It is using the latest threat information to allow the prompt filtering of Zero Day threats.

ADVANCED THREAT INVESTIGATION

Advanced Threat Investigation Service is provided from our Cyber Centre by our highly skilled and experienced cyber security analysts. They review the latest cyber threat information from multiple sources. Using automated tools and expert analysis, they detect, investigate and respond to sophisticated advanced threats to protect an organization.

Advanced Threat Investigation (ATI) service provides specialist threat based analytics services to augment traditional Protective Monitoring activities such as those provided by Security Operations Centres (SOCs).

We provide a comprehensive set of analytic capabilities that can be scaled to the type of organization and the threats faced. Our ATI service draws on multiple information sources, tools and security systems to provide a combination of automated analysis and expert insight to detect and respond to advanced network threats.

THREAT, VULNERABILITY AND RISK ASSESSMENT

The threat, Vulnerability and Risk Assessment Methodology provides accurate, controlled, repeatable, and in-depth findings and actionable, prioritized recommendations for remediation. It is customized to focus on a client’s requirements for evaluation, risk tolerance, and specific business goals. Our skilled experts will assess the risks and identify vulnerabilities in the applications, systems, and networks, providing cost-effective recommendations to manage them.

Our approach and methodology use multiple automated assessment tools for the discovery, footprinting, and initial assessment.

Finally, the methodology includes a manual validation and testing phase that verifies the accuracy of each automatically detected vulnerability. It includes tests that the automated tools are known to miss. It is performed in a carefully controlled manner with input from, and coordination with, the client at all phases. All test parameters are recorded to allow retesting under the same conditions. Raw data of test results are provided to the client so that each finding can be replicated and verified.

CYBER SECURITY STRATEGY

In terms of Cyber Security Strategy Service, our experts work with clients to discover, identify, and protect the information assets according to customer's priorities. They align the information security best practices to business objectives, discover the vulnerabilities and weaknesses, explain the legislative and regulatory requirements information system have to comply with and finally, help the staff get trained to understand their roles and responsibilities in this cyber security space.

We are using the following process to review and propose the efficient cyber security strategy:

• Information Gathering
• Threat profiling
• Vulnerability assessment
• Cyber review report and mitigation options
• Remediation or Improvement steps

Am-Pro can provide or recommend a fully operating out of the box Information Security Management System which will enable clients to be agile to business changes. This way Clients are normally reducing their operational costs.

COMPLIANCE

In terms of Compliance related service, we assist organizations that need to comply with industry and government standards for IT security. We’ve served small and medium businesses, corporates and banks with capabilities for assessing and evaluating their systems in advance of audits and testing for security authorization.

Our experts are certified for in different international standards:

• ISO 27001
• PCI DSS
• NIST

Auditors are using the approach of applying best practices to let businesses and organizations succeed in both: compliance and business objectives. Working closely with every Customer our experts are making the deep research, analysis, report the discovered incompliance, provide options for remediation and finally, can continuously support the customer with advice and recommendations.