Our solutions

Monitoring of information flow … why?

Confidential data is one of the goals pursued by hackers while attacking a network. A successful attack means compromise of sensitive data such as: logins, passwords, certificates, emails, commercial secrets and/or unauthorized system access, which enables an adversary to manage a remotely hacked system, disrupt its functionality or carry out surveillance. Additionally, it’s vital to understand that there is a variety of points of compromise: from laptop to gadget, used within organization’s wireless network. Meanwhile, accountants and system administrator’s computers are being targeted on a more frequent basis.

Threats model is extensive and may include

  • vulnerabilities
  • hacker attacks
  • infected devices
  • emails with malicious files
  • insiders
  • malicious applications
  • malicious websites and links
  • social engineering

CyS Sensor provides active monitoring of your network

Detection scope

  • malware infection (including mobile devices)
  • vulnerabilities, software bugs, intrusion attempts, networks attacks, threats sources and targets
  • permanent analysis of unauthorized information flow (detection of breaches, data exfiltration and information leakages)
  • Identification of backdoors (web-shells etc.) on web-sites and hostings

Benefits

  • Snort/Suricata rules for signature based DPI analysis, characteristic for a specific region/industry branch
  • numerous sources of signatures
  • access through a unified security platform, CyS Cloud
  • threat reports: analytics, statistics, customizable queries
  • individual tuning of detection capabilities according to existing InfoSec policy
  • multiple-source monitoring (LAN, DMZ1, DMZ2 etc.)

Security

  • secure cloud platform
  • access IP-address filtering, ACLs
  • event logging
  • secure communication (https/vpn)
  • only security alerts are transferred to CyS Cloud from the customer network
  • CyS Sensor deployed in isolated network segment
  • CyS Sensor can only be accessed from an administrator’s PC
  • signature integrity control