Monitoring And Detection
A Proactive Approach To The Evolving Cyber Threat
You can’t defend what you can’t detect, we provide an extensive solution that encompasses external threat intelligence monitoring and incident detection to provide real-time alerts across your technology stack.
Monitoring And Detection
CSA provides services to over 35,000 devices across the globe with a market-leading product offering extended detection and response. Without expert knowledge, many organisations waste time by investigating unreliable alerts, meanwhile genuine threats can go undetected for an average of 146 days. That is plenty of time for a cyber criminal to gain access to sensitive and private data!
Part of an effective cyber security defence is having robust monitoring and detection services in place so you can be on the constant lookout for security threats lurking in any network traffic. Monitoring and detection is a proactive and advanced approach to cyber security that not only detects suspicious activity, but actively hunts down threats, monitors cyber security 24/7, assists in rapid breach incident analysis and responds to eliminate threats from the system before they become an issue.
Gaining intelligence of external threats through rigorous monitoring before they threaten your business
CSA’s cyber intelligence assessments use our unique combination of open and closed source intelligence feeds designed to detect threats outside of an organisation’s normal working environment across websites, Dark Web, social media and more. With these feeds we can draw up a comprehensive analysis of the potential source of an attack, the likely methods and techniques that can be used by an attacker and the potential impact on a business.
The cyber threat intelligence & assessment services are conducted within the CSA Security Operations Centre (SOC) by our experienced and trained cyber analysts. The service can also be used in parallel with the CSA end-point detection service, BorderPoint, and protection service AppGuard to provide both an internal and external cyber managed service.
A state-of-the-art security incident detection service providing real-time subscription-based monitoring service
Delivered by our experienced cyber analysts, BorderPoint is a continuous protective threat monitoring and detection capability designed and implemented by CSA to identify and detect cyber threats in real time so that customers can be notified of new potential vulnerabilities and attacks and advised on appropriate remedies.
The BorderPoint service is delivered by experienced cyber analysts who monitor the SIEM system located at the CSA SOC. Activity is continually monitored and cross referenced against the CSA Threat Intelligence Database where a bespoke security rule set triggers alerts when activity is identified as potentially suspicious.
A key benefit of BorderPoint is that it monitors endpoints inside and outside of the office network, some SIEM services only monitor devices inside the network so when a laptop leaves a site BorderPoint still has it covered whereas other SIEM services do not.
Monitoring & Detecting
A council-based bridge and ferry management company came to CSA with a concern that it did not have adequate visibility and monitoring of its business and operational systems. This was a prime opportunity to implement the CSA BorderPoint capability to provide a robust monitoring and detection service.