
SERVICE DESCRIPTION

The "Threat Centric Perimeter Defence Validation & Hardening" service measures the readiness of network intrusion prevention (NIPS) and web application firewall (WAF) solutions against a large set of recent advanced threats. If any gaps are identified, customers of this service will be notified of required policy update actions tailored to their specific environment.

WHY IS THIS SERVICE IMPORTANT?

NGFW/NIPS and WAF are two of the most fundamental application-level perimeter cyber defence technologies. Companies invest significant amounts of money and time each year in deploying and maintaining NIPS and WAF products from various vendors. However, despite this investment, there are no metrics to determine if these technologies are always fully utilised. In fact, post-analysis of cyber breaches indicates that NIPS and WAF products often miss attacks that they could have blocked if they had been used efficiently.

"Threat Centric Perimeter Defence Validation & Hardening" provides threat-centric metrics and policy update hardening measures to fully utilise NIPS and WAF investments, and reduce the number of cyber incidents from the outset.

FEATURES
  • Powered by cutting-edge technologies, the Cynode Ultima platform ensures easy deployment and safe operation in production environments.

  • Assessments can be scheduled or performed on-demand, using a curated library of real-world malicious techniques.

  • The service offers a wide range of reporting options with actionable insights.

  • Threat and mitigation updates are provided both routinely and in response to specific situations.

BENEFITS
  • On average, 70% efficiency increase on your existing NIPS and/or WAF.

  • Detect and stop more attacks at the perimeter.

  • Better Return on Investment and lowered Total Cost of Ownership.

  • Free up time for the operations team.

TYPES OF ATTACKS
  • Understand how effectively your security controls block local and remote code exploitation.

  • Determine if your defences are capable of blocking code injection, denial of service and brute force attacks.

WHO SHOULD USE IT
  • CISOs need to understand the current state of their defensive platforms and their efficacy, and be aware of any gaps in their policy.

  • Security Managers need to understand how effective their security operations team is.

SUPPORTED SOLUTIONS
  • Continuous threat simulation, detailed reporting and mitigation recommendations. SIEM integration for additional reporting and compliance.


DELIVERY AND MODE OF USE
  • 30-day or annual contract options.

  • Reporting (daily, weekly, monthly, etc.) based on attack types and changes in threat blocking (blocked to unblocked, or unblocked to blocked), as well as efficiency tracking.

  • Regular notifications for configuration update content and requirements.

  • Instant notifications for urgent threat update requirements and sudden drops in blocking rates due to internal failures (licensing, hardware, or human errors).
