Strategy

By analyzing your company’s security defences, we establish the vulnerabilities that your company might have and create a tailored security solution that fills the gaps and meets the needs of your business. This allows you as a professional to focus on your clients with the knowledge that your company is protected and secure.

We provide each company with tailored security services that fit the needs and vulnerabilities we found while analyzing the company's security defences. By providing specific solutions, your company is better protected and your security is kept up to date to prevent possible future attacks from external or internal threats.


Cyber Threat Intelligence

Threat Intelligence is organized, analyzed and refined information about potential or current attacks that threaten an organization. The initial purpose of threat intelligence is to help a company understand the risks posed by the most common and severe external or internal threats. The information collected helps companies understand the threats they are most vulnerable to and what they can do to protect themselves from damage.

Understanding the threats that your company might face and how to prevent these attacks is crucial in today's digital environment. With hackers finding smarter ways to attack and threats becoming harder to identify, it is important to make sure you are protected at every level to secure not only your information, but the information of your clients as well.


Cyber Risk Management

The next step in securing your business is to have a risk management plan in place to minimize, monitor and control the impact that the risks might have on your business. The damage that can be caused without a proper risk management solution can lead to data breaches, financial loss, reputational damage and disruption of operations. By implementing the following we minimize the threats that can damage your business.



1. Security Operations Centre (SOC)

We monitor, assess and defend your information security systems by doing a vulnerability assessment (the process of defining and prioritizing vulnerabilities in computer systems, applications and network infrastructure) and penetration testing (the practice of testing a computer system, network and web application for vulnerabilities that an attacker could exploit).

We also plan, design, build and maintain your security platform that protects your business against threats that want to damage and disrupt your operations.

2. Security Information & Event Management (SIEM)

By combining Security Information Management and Security Event Management, we provide real-time analysis of security alerts.

• Security Information Management (SIM)

Software that automates the collection of event log data from security devices. The data is translated into correlated and simplified formats such as reports, charts and graphs.

• Security Event Management (SEM)

Enables the recording and evaluation of events and helps security or system administrators to analyze and manage the information security architecture, policies and procedures.

3. Network Operations Centre (NOC)

We have a 24/7 monitoring centre that monitors the security system for any issues or threats. We monitor the physical servers, backup platforms, uninterruptible power supplies (UPS), VoIP systems, switches, routers, firewalls and storage platforms. Our system and data centre is made up of your entire virtual infrastructure and applications stack, along with on-premise cloud environments.

4. Service Desk

We have a 24/7 communication centre that ensures our clients receive appropriate help in a timely manner, with a single point of contact to make sure time-sensitive information is handled accurately.

Digital Security

The protection of an online identity. Criminals are finding new and creative ways to steal information from digital users. By implementing the following tools we help protect your identity, assets and technology online and on your mobile.

Brand Risk – This is the damage to your company’s reputation by means of scams, fraud, misuse of company intellectual property, corporate defamation and account impersonations and compromises.

Cyber Risk – Cyber risks can appear in many forms such as phishing, data leakage and malware infection through digital platforms. Some organizations and employees do not realize they are at risk at the time and only find out when it is too late.

Physical Risk – Acts of terror by external employees, protests or disruption of business.

Mobile Security

Protection of smartphones, tablets and other portable devices and the networks they connect to from threats associated with wireless computing. We protect your devices by implementing the following:

Enterprise Mobility Management - Managing and securing business-related data as well as employee-owned devices without having a major impact on the general user experience. Because the business-related data is secured in a password-protected container, the enforced solution does not have any effect on employee-owned content, and only business-related data will be wiped when the employee leaves the organization or in case of theft or loss.

Mobile Threat Protection / Prevention - Mobile threat defence solutions detect behavioural anomalies, perform vulnerability scans to identify configuration weaknesses, monitor network traffic and scan the device for weak applications that could potentially put business data at risk.

Enterprise Vault - Enterprise Vault is the enablement of securely working on and sharing documents using multiple devices with both internal and external parties whilst having certain controls applied. The benefit of having such a solution is that users can be more productive and have peace of mind that the content is safe and secure.

Application Security

The use of software, hardware, and procedural methods to protect applications from external threats. Security is becoming an increasingly important concern during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats.

Web Application Firewall (WAF) - Designed purely to secure web applications from known vulnerabilities, to prevent SQL injections and to prevent DoS/DDoS attacks. Depending on the technology, it can also offer virtual patching, prevent data leakage and protect against zero-day exploits.

Endpoint Security

The approach to the protection of laptops, desktops and servers that connect to the corporate network and create attack paths for security threats. We protect these devices by implementing the following:

Advanced Threat Protection (ATP) - Threats nowadays are more focussed and targeted, with a huge amount of intelligence built into them. Unknown or zero-day threats are also of great concern to any enterprise. ATP is a grouping of more advanced defence mechanisms that can be centrally managed in order to obtain a holistic overview of the threats that are potentially targeting or threatening organizations.

Anti-Virus
Antivirus safeguards the Endpoint against the traditional computer viruses, as well as backdoor viruses, rootkits, potentially unwanted programs, phishing attacks, adware and spyware that originate from any infection vector accessible from the Endpoint.

NGAV (Next Generation Anti-Virus) examines every process on every endpoint to algorithmically detect and block the malicious tools, tactics, techniques and procedures which attackers rely on.

NGAV does four critical things to protect your business:
1 – Prevents commodity malware better than traditional AV.
2 – Prevents unknown malware and sophisticated attacks by evaluating the context of an entire attack, resulting in better prevention.
3 – Provides visibility and context to get to the root cause of a cyber attack and provide further attack context and insight.
4 – Remediates attacks.


Firewall
A Firewall (whether host-based or at the perimeter of a network) is required to protect the Endpoint from unauthorized access from other systems. Simply put, it builds a virtual wall with a set of specific controls that are implemented according to enterprise requirements.

Intrusion Prevention Systems - IPS is an add-on, normally a signature-based solution, that can further protect endpoints against the more complex threats – the known and/or zero-day threats if the latest signature is available on the Endpoint.

Encryption
Endpoint Encryption reduces the risk of loss, theft or unauthorized exposure of sensitive data by encrypting the entire hard drive or removable media device. The data is only accessible to authorized individuals by means of password authentication.

Content & Data

Data is the most important part of your business – it holds your customer information, your intellectual property, sensitive communications and social media updates. The issue with data is that it can fall into the wrong hands quickly and put your business and clients at risk. We protect your content and data by implementing the following:

Digital Certificates
• SSL Certificates – Protect website data by creating encrypted connections between the end user’s browser and the server
• Code Signing Certificates – Digitally signs a program to verify the author’s identity and ensure it has not been compromised by a third party.
• Document Signing Certificates – Ensures that the recipient, once the document has been signed, has not received an altered document without approval from the author.
• Data Leakage Prevention (DLP) – Implementation of a tool or set of tools to prevent accidental or intentional exposure of critical or sensitive business information.

Email Filtering
The automatic processing of incoming and outgoing email messages against a set of predefined measures and controls.

The process includes (but is not limited to):
• Anti-Spam - Scanning email messages for certain patterns that could classify the email as being a spam email
• Whitelisting – Exclusion of certain email messages / senders from the controls that were put in place
• Blacklisting – Addition of extra controls to certain senders or blocking them
• Content – Evaluation of email messages for certain content based on the policies that were defined for acceptable mail use in an organization, or for containing certain URLs that could be malicious.

Email Security
Sending and/or receiving secure email is critical in the corporate environment and it should be a priority for all businesses. In the end, the main goal needs to be to secure business information that traverses email systems.

Methods that can be used to secure email:
• Ensure sufficient email filtering services
• Encrypt emails and the communication between mail servers
• Confirm the sender is legitimate using digital signatures
• Do not make use of free mail and/or webmail-based email solutions for business correspondence
• Ensure that employees have knowledge of the potential impact that their decisions to open unknown emails could have on the enterprise

Web Filtering
Open internet access is not a safe practice in the digital age due to the content that is available to internet users. Internet filtering and control software is needed to evaluate internet traffic and, as a result, to ensure a pleasant experience on the internet.

The process includes (but is not limited to):
• Content - Certain content might not be appropriate based on the policies that were defined for acceptable internet use in an organization, or might contain certain URLs that could be malicious.
• Whitelisting - Excluding certain internet sites from the controls that were put in place
• Blacklisting - Blocking certain internet sites that were put in place

Database Security
Database Security is one of the biggest concerns, especially when it comes to the whole compliance spectrum of IT Security.

Some areas that database security addresses are:
• Scanning database configurations to ensure that best practice benchmarks are adhered to; for example, checking for weak passwords
• Vulnerability scans in order to identify missing patches and hotfixes
• Database auditing to highlight what your DBAs / user accounts are doing on the database solution
• Hiding / masking sensitive information from the DBA, other users or third-party applications, for example credit card information
• Encrypting database content

Network Security

Any activity designed to protect the usability and integrity of your network and data, including hardware and software technologies. By implementing the following we make sure your network is secure and protected:

Identification of Vulnerabilities
Vulnerability Assessments
An ongoing process that assists organizations in the identification of known vulnerabilities that form part of the network and the devices that are connected. Vulnerability scanners typically highlight the problems as well as proposed counter-measures that can be implemented to mitigate the vulnerabilities that have been identified.

Penetration Testing
The process of performing an authorized attack simulation on the information security infrastructure to exploit vulnerabilities and to provide a report containing a description of the vulnerabilities and the risk they may pose.
Penetration Testing can be divided into three main sections:

White Box Testing:
The test implementer has full access to the information of the system being tested. White Box Testing ensures that the system is thoroughly tested. However, it does not simulate a true attack as the tester has information that would not be available to a true attacker.

Black Box Testing:
The test implementer only makes use of information extracted as part of the attack to perform the test. This method simulates a more realistic attack scenario. The only disadvantage is the possibility of certain areas remaining untested.

Grey Box Testing:
The test implementer only has access to specific information related to the system being tested.

Preventative Measures

Vulnerability Management
An ongoing process that uses the output of the vulnerability assessments to start the remediation or mitigation of the vulnerabilities. Phases that can form part of the management of vulnerabilities include:
• Install the recommended patches or hotfixes
• Upgrade to more recent versions of the software
• Reconfigure software based on the recommendations from the scan results
• Update or change the configuration of perimeter defences
• Ensure up-to-date IPS signatures are in place

Perimeter Firewall
A system that has been designed to prevent unauthorized connections from entering or leaving the network as well as to provide monitoring based on a specific set of controls. These systems can be found in different forms - either hardware or software based or a combination thereof.

Traditional firewalls were designed with a simplistic approach: primarily to allow, block or reject a connection if not specified in the controls. Next generation firewalls provide more granular controls, are based on intelligence and offer greater visibility on all the layers of the network stack.

Secure Remote Access
Remote access is crucial to any employee that needs to access corporate resources from remote locations and it is even more crucial to ensure that the access to their information is secure.

Employees should also not be limited to certain device types (endpoint or mobile), and remote access should be an extension of the office. We use SSL VPN or client-based VPN technology to provide users with secure connections.

User authentication, authorization and accounting
User authentication, authorization and accounting, also referred to as the Triple A’s of Authentication, entails an architecture in which user authentication takes place by means of providing a unique set of information; once authenticated, the user is either granted or denied access to a system or network. Accounting relates to activity tracking in order to determine time spent on a specific system, amount of data used, and failed and successful login attempts into a system.
• TACACS or TACACS+
• RADIUS
• LDAP or Microsoft AD

Network Intrusion Prevention System (IPS)

A system that inspects all inbound and outbound network related activity and identifies possible suspicious patterns that may indicate that a network resource or system is under attack from someone (internal or external) attempting to break in or compromise these systems.
