Threat Detection: modular services to monitor your business

Even with substantial existing investment, security challenges still exist for today’s businesses. With 200 days on average between detection and response to a security breach, effective threat detection is essential. But simply overlaying technology is not sufficient. For effective threat management, your organization must be able to qualify and act on security alerts. This takes business alignment and long-term investment.

Benefit from incremental threat visibility and advisory

Threat Detection, powered by Orange Cyberdefense, allows you to benefit from managed services or integrated complementary solutions based on SIEM, NTA (Network Traffic Analysis), EDR (Endpoint Detection and Response) and other technologies. All with the support of our expert consultants, SOC and CyberSOC analysts.

Log Management & Alerts

▪ Log collection and archiving
▪ Log aggregation
▪ Automated analysis
▪ Management via web portal
▪ Alerts via email, SMS, calls
▪ Reporting
▪ SOC support

Security Event Intelligence Standard

▪ Log Management functionalities +
▪ Correlation of security events
▪ Embedded threat intelligence
▪ Real-time event analysis and recommendation by CyberSOC analysts
▪ Security Manager advice and support

Security Event Intelligence Advanced

▪ Security Event Intelligence Standard functionalities +
▪ Bespoke detection use-cases for correlation of security events
▪ Threat advisory by CyberSOC analysts

Targeted Detection

▪ Alerts based on anomalies in user and behaviors (unknown threats)
▪ Prompt detection and alerts
▪ Provides data for threat hunting
▪ Solutions deployed and integrated into your SOC or managed on a bespoke basis

Add-ons

▪ Consulting
▪ Vulnerability management
▪ Incident response retainer
▪ Data breach, fraud and breach monitoring
▪ Social and brand monitoring
▪ Red teaming and penetration testing
▪ DDoS mitigation

Make the most of your security investment

  • Deployment based on where your business is today
  • Flexibility to adapt and evolve to future organizational needs via complementary modules
  • Include monitoring of cloud-based applications via APIs to cloud environments for consistent visibility of security events beyond the enterprise perimeter
  • Extend monitoring to Operational Technology security

Configure your solution

  • Threat Detection adapted to your technology, operational and investment strategy
  • Technical set up: SIEM, EDR, NTA, UEBA, Big Data Platforms
  • Hosting options: On premises or in cloud (private, public, hybrid)
  • Operational options: In-house, managed or hybrid
  • Platform: Shared, dedicated on our or your premises, dedicated for Operators of Essential Services

Expert advice to define what is right for your business

  • Undertake a risk assessment
  • Determine the solution and tech set-up that suits your business and features to add or remove
  • Identify and map security log and data sources
  • Develop a detection policy
  • Define alert management governance
  • Determine security KPIs for reporting