Backed by TIC DEFENSE, the world’s first private CSIRT accredited by Carnegie Mellon, which will provide information protectionservices and control of digital identity spoofing.
Our mission is to prevent, detect and manage incidents that affect institutions against cyber criminals who try to compromise theirstrategic information systems.
Service managed in real time for the detection and defense of situations of external and / or internal attacks with respect to the security of the Institution, allowing:
Digital security strengthening services, the following components can be enabled:
Component to collect, aggregate, index, and analyze security data, helping organizations detect intrusions, threats, and behavioral anomalies.
Have agents that scan systems monitored on malwares, rootkits, and suspicious anomalies.
Using agents, you can read the operating system and application logs, and securely send them to a central administrator for analysis and storage based on rules.
Monitor the file system, identifying changes in the content, permissions, property, and attributes of the files that need to be monitored. In addition, natively identify users and applications used to create or modify files.
Agents extract inventory data from the software and send this information to the server, where it correlates with CVE databases (common vulnerability and exposition) that are continuously updated, to identify known vulnerable software.
Monitor system and application configuration settings to ensure they comply with your security policies, standards and/or strengthening guides. Agents must perform periodic scans to detect applications that are known to be vulnerable, unpatched, or unsafely configured.
Provide active responses to listings to perform various countermeasure to address active threats.
Provide some of the necessary safety controls to comply with industry standards and regulations.
Help monitor cloud infrastructure at the API level, using integration modules that can extract security data from well-known cloud providers, such as Amazon AWS, Azure, or Google Cloud. In addition, provide rules to evaluate the configuration of your cloud environment, easily detecting weaknesses.
It will enable you to deploy edge security solutions and identify behaviors that can compromise your organization’s security pillars. Detection should be targeted at the different network segments catalogued according to the criticality of the information and the importance of the operation. The implemented system will allow to monitor end-user computing equipment, firewalls or user computers with the possibility of geographical independence allowing alerting to by a centralized management console.
© 2022 IQtek Solutions. All rights reserved.
