Managed Endpoint Detection and Response
The endpoint is commonly seen by attackers as the weakest point of most organizations’ cyber defense systems. Kudelski Security Managed Endpoint Detection and Response Service uses the CrowdStrike Falcon™ host platform and expertly trained analysts to detect and respond to threats – known and unknown – that target the endpoint.
Security data collected by the platform is automatically enriched with up-to-the-minute threat intelligence and analyzed for signs of malicious activity. When a potential threat is identified, the CFC’s Threat Analysis team receives an alert. Analysts separate routine alerts from real incidents, collect forensic information from impacted endpoints, and provide guidance for containment and prioritized remediation. Indicators of attack are created and applied across our client networks to immediately identify and block future adversary activity.
- 24x7x365 security event triage and analysis at endpoint level
- Indicators of Compromise (IOC) management
- Proactive threat hunting and monitoring across all environments (on-premises, cloud, hybrid, OT/ICS, IIoT), included as standard
- Solution health & performance monitoring
- Incident containment
- Direct forensic data collection
- Reporting (incidents, escalation, trends, and real-time dashboards)
Managed Attacker Deception
Kudelski Security’s Managed Attacker Deception solution leverages Illusive Networks technology to create an alternate reality, transparently woven into an organization’s existing network. Attackers attempting to map out the network or move laterally within the environment are led into this alternate reality, triggering high-fidelity alerts to the CFC for investigation.
The CFC’s Threat Analysis team will quickly verify if there is a potential security incident, collect forensic information from impacted endpoints and activate the client’s incident response plan – all before any data or critical assets have been compromised.
- 24x7x365 solution health and performance monitoring
- Solution deployment and management, software updates, configuration changes
- 24x7x365 triage and analysis of alerts generated
- Forensic data collection
- Security incident and case management portal
- 24x7 toll-free hotline
- Service reporting (monthly service reports)