DataSure24’s Western New York-based Security Analysts monitor an organization’s critical infrastructure and data for malicious and threatening activity 24/7. This allows an organization to know what is happening across its environment in real time, protecting clients against breaches, including ransomware, zero-day exploits (attacks that occur as soon as a software weakness becomes known) and other emerging threats.
The Steller Cyber Open XDR platform that drives the DataSure24 24/7 Managed Detection & Response (MDR) service will tie the other platforms and technologies together to leverage their capabilities and bring information together to provide our clients with an unparalleled level of visibility into the operational effectiveness of its cyber defenses.
24/7 Managed Detection and Response components include:
- 24/7/365 Security Monitoring
DataSure24’s security analysts provide continuous monitoring of an organization’s environment, including its network, servers, workstations and network devices, and notify clients of potential security notifications and potential security events.
- Incident Detection & Response
Risk investigation and mitigation, quickly identifying action to be taken with your team .
- Network Intrusion Detection
Network-based monitoring, creating alarms for any malicious activity identified on the network
- Host Intrusion Detection.
Host-based monitoring of individual machine activity, alerting DataSure24’s security analysts of any malicious activity.
- File Integrity Monitoring
Tracks and notifies DataSure24 Security Analysts of any changes to key files and critical data.
- Monthly Internal Vulnerability Scanning
Internal infrastructure is scanned on a monthly basis using the Nessus vulnerability scanning tool to identify newly discovered vulnerabilities and security gaps that can be exploited to compromise the organization. DataSure24’s security professionals analyze the scan results and recommend remediation paths as needed.
- Log Aggregation & Correlation
Once critical information systems are defined, plug-ins are enabled to comprehend and parse the information. This significantly aids not only the intrusion detection system, but end user capability to correlate multiple events across the defined information systems.