Once all the protections are in place, organizations must acquire detection, analysis and response capabilities that allow them to detect abnormal behavior and to fight cyber attacks quickly and efficiently, while meeting the standards in force regarding security log retention.
As part of this operational security management, Brightway offers two operating modes:
- Monitor cyber threats (Cyber Threat Intelligence) targeting your information systems, in particular new unpatched vulnerabilities (0-day), new malware, phishing campaigns against your employees/customers, data leaks and hacking operations.
- Conduct regular network and application vulnerability scans to identify and correct vulnerabilities threatening the security of the exposed perimeter of your IS.
- Monitor security events threatening the confidentiality, availability and integrity of your information and assets in order to alert you in the event of a proven incident: this involves defining the monitoring perimeter, determining the assets (machines, network equipment, applications, etc.), identifying potential risks with you, setting up the generation of relevant logs, creating detection rules and defining alert methods.
- Intervene to respond to incidents, assist and support you in order to restore normal service as quickly as possible, minimize the impact of the incident, identify the source of the attack and assess the impact of the incident. At the end of the intervention, a report describing the incident and remediation recommendations will be delivered to you.
In addition to your expertise, BRIGHTWAY recommends that you discover: