Managed Security Services

Most digital networks are by their nature always on and therefore subject to attack at any time. We approach managed services as the premier way to deliver cyber resilience through continuous active monitoring that employs a hybrid approach of automated software and human cyber surveillance.

A Security Operations Centre (SOC) is more effective than passive cyber security monitoring systems and provides a better and more rapid response to an attack or other security incident; however, in-house SOC operations are neither optimal nor practical for many organisations that nevertheless need SOC-level risk mitigation.

DarkMatter’s Managed Security Services provides a solution through around-the-clock, on-premise or remote monitoring, remediation and resolution services.

 

 

Security Operations Centre (SOC)

 

 

DarkMatter’s experienced, trained and government-security cleared teams provide on-premise and remote SOC solutions that monitor global, regional and local threat feeds, and analyse user and network behaviour on both a near real-time and historical basis.

The solution aggregates and fuses data sources from inside and outside the organisation, including threat intelligence, active defence measures and advanced big data analytics.

On-Premise SOC

This solution is ideal for organisations with complex and high-risk network and cyber security requirements. Services include:

  • Intrusion monitoring, incident analysis, investigation and response
  • Security engineering, and operations and maintenance (O&M) of security technologies
  • Full-content network traffic monitoring and analysis
  • Collaboration with cyber centres and government cyber emergency response teams (CERTs)
  • Integrated cyber threat analysis
  • Insider-threat detection, investigation and mitigation

Remote SOC

Delivered from DarkMatter’s state-of-the-art, next-generation facility, our Remote SOC solution features some of the most advanced IT and cyber security infrastructure in the region. When we identify suspicious activity that needs your response, we will inform you immediately and let you know what steps you need to take.

Additional features:

  • Remote monitoring, remediation and resolution
  • Advanced correlation analysis
  • Monitoring of security technologies
  • Governance, risk and compliance monitoring
  • Continuous vulnerability management
  • Advanced cyber network defence services

Hybrid Security Operations Centre

Our Hybrid Security Operations Centre offers on-premise augmented SOC resources during core business hours and remote SOC monitoring after core business hours and on weekends and holidays. It can also include ad hoc and scheduled managed security services such as risk and compliance monitoring and vulnerability assessments.

Threat Intelligence and Malware Analysis

 

Drawing on intelligence from local and international Computer Emergency Response Teams (CERTs), leading research and academic institutions, Internet Storm Centres, and Incident of Threat notification platforms around the world, we analyse and consolidate emerging trends and developments in cybercrime to help us understand threat vectors, attack scenarios and attack geolocations.

We analyse attack types and the cybercriminals behind them, using this intelligence to shape short-term remedial responses and build long-term network resilience for our clients.

Key features:

Advanced Threat Intelligence – We provide high value, enriched, contextualised real-time visibility of threats and threat actors specifically for unique targets, assets or identities.

Malware and Reverse Engineering – We unravel the most advanced persistent and human morphia threats by deconstructing payloads line by line, whether delivered to desktops, servers or mobile devices.

 

Vulnerability Management

 

As the IT landscape changes, vulnerability management is evolving too. Organisations are using more virtual and cloud assets. Networks are perpetually busy, with mobile devices coming and going. Traditional periodic scanning needs to be re-examined and to evolve with the times.

We work with dynamic partners and technologies to provide the most accurate information about all your assets and vulnerabilities in ever-changing environments. Some of the key features of the assessment we do are a streamlined interface, intuitive guidance, and seamless integrations that help security teams maximise efficiency.

The key benefits offered to security teams are:

Eliminate blind spots: this is very comprehensive asset and vulnerability assessment coverage, with accurate asset tracking.

Boost productivity: as you can run your first assessment in less than 5 minutes.

See what you need to know: by receiving clear actionable dashboards and insights.

 

Insider Threat Intelligence

 

Businesses are increasingly concerned with insider threats as a business risk, with more companies than ever before seeking insider threat detection and prevention processes and tools.

To fight insider threats there needs to be a fusion between security teams and technologies. We tie security events to users across the organisation to identify high-risk user profiles and provide scoring and prioritisation of suspicious behaviour.

Our threat intelligence team provides valuable monitoring, as well as investigative and contextual reporting in real time, while requiring few resources to maintain. 

 

Managed Detection and Response

 

Our Managed Detection and Response team utilizes Artificial Intelligence (AI) techniques and machine learning to provide high-speed cyber defence.

We help build next-generation capabilities for threat detection and response. Our team delivers advanced detection and response as a service, removing the complexity and minimising the cost of building in-house next-generation security operations for our clients.

 
