cyberproof service catalog - store & retrieve data anywhere · 2018-06-17 · real-time...

CyberProof Service Catalog CYBERPROOF DEFENSE CENTER


Post on 24-May-2020


© 2018 CyberProof. All rights reserved. CyberProof Service Catalog | CYBERPROOF DEFENSE CENTER 2

Contents

01 Real-Time Monitoring

02 Incident Response

03 Continuous Vulnerability Intelligence

04 Proactive Threat Intelligence

05 Threat Hunting and Malware/Forensics Analysis

06 Security Infrastructure Management


Overview

Organizations are becoming ever more exposed as cyber-attacks become more complex, creative, and targeted. The growing skills gap makes it even more challenging to support the growing availability of security tools needed for cyber resiliency.

The CyberProof Defense Center (CDC) is a next generation SOC platform that is fully managed by our team of experts 24 x 7 x 365. Our unique operational experience and collaboration platform means that you can focus on your business, while we monitor and respond to your security incidents and risks. In the face of an increasingly hostile threat environment, the CyberProof Defense Center integrates all the key elements you need to detect threats early and respond rapidly and decisively, at a price point and with flexible engagement models that make sense for your business.

The technology independent platform means that we can aggregate and correlate multiple monitoring sources, SIEM solutions, threat intelligence sources, and vulnerability scanning tools.

[Diagram: CYBERPROOF Defense Center, labeled with its six services: Real-time Monitoring; Automated Incident Response; Continuous Vulnerability Intelligence; Proactive Threat Intelligence; Malware, Forensics & Threat Hunting; Security Infrastructure Management]

KEY SERVICE ADVANTAGES

24 x 7 x 365 operations

Flexible engagement models

Actionable intelligence

Minimized false positives

Nation state expertise


Real-Time Monitoring

Objective: Eyes on glass monitoring and detection of events where alert management is streamlined and optimized for faster and more accurate incident detection.

Services Overview: Real-time monitoring of logs from multiple sources correlated and interpreted by our cyber defense team. The CyberProof Defense Center streamlines and optimizes alert management for faster and more accurate incident detection. Monitoring is enhanced by SeeMo, an AI Bot. SeeMo continuously adapts and improves as an extension of our expert team.

Service Components

Network routing and monitoring

Unauthorized access detection

Asset/system monitoring

Data monitoring

Playbook optimization

Incident handling with automated procedures

Reporting

Incident Response

Objective: Orchestrate incident response processes and respond in near real-time, reducing mean time to respond from weeks to hours.

Services Overview: The team ensures proactive preparation, incident management and recovery from attacks and breaches based on deep cyber expertise and machine learning automation. The team ensures proactive preparation, management and recovery from attacks and breaches, providing root cause analysis identification and full incident investigation, reporting and recovery.

Service Components

Alert correlation

Incident notification

Event investigation

Recovery from attacks and breaches

Actionable outcomes

Continuous Vulnerability Intelligence

Objective: Provides continuous vulnerability scanning to simulate attacks against enterprise infrastructure. Advanced Persistent Threat solution identifies the attack vectors hackers use to compromise an organization’s critical assets.

Services Overview: Utilize threat methodologies, dedicated intelligence and automated procedures to proactively identify vulnerabilities, assess impact and prevent critical incidents. As an integral part of the CyberProof service platform, vulnerability intelligence findings are picked up by the CyberProof Security Analysts who review the simulation reports and recommendations and decide how best to respond.

Service Components

Breach & attack simulation

Lateral movement simulation

Advanced Persistent Threat

Automated Red-team/Blue-team simulation

Real life attack simulation to expose your crown jewels


Proactive Threat Intelligence

Objective: Increase your cyber resiliency with deeper insights and earlier detection of potential attacks, based on adversaries’ modus operandi. Threat Intelligence enables the rapid detection of deceptions and threat actors in a way that is accurate, relevant, and actionable.

Services Overview: Our team of threat intelligence experts utilize threat methodologies, dedicated intelligence and automated procedures to proactively identify, integrate and correlate vulnerabilities, assess impact and prevent critical incidents. The platform provides an additional early warning system that provides preemptive alerts for imminent threats, with a clear translation of this intelligence into security actions. By proactively detecting cyber threats in near real time, the service analyzes, categorizes, and prioritizes cyber-threats by using proprietary data mining algorithms and unique deep learning capabilities.

Service Components

Adversaries trends (TTP analysis)

IOC sharing & implementation

Targeted phishing identification, investigation and takedown

Alert investigation

Brand monitoring

Periodic and on-demand reports

Threat Hunting and Malware/Forensics Analysis

Objective: Leverage nation-state level offensive and defensive security experts to provide in-depth analysis of system’s logs, routing analysis and artifacts for incident confirmation and hunting.

Services Overview: Our specialists have broad knowledge of advanced attack methods and deep knowledge of malware or machine level exploits. The team conducts threat hunting and stands ready to participate in incident response, bringing specialized expertise in malware reverse engineering, network forensics and endpoint forensics.

Service Components

Host/network forensics

Static/dynamic malware analysis

Forensics investigation for endpoints including PCs, laptops, mobile devices, IoT devices, etc.

Malware reverse engineering

Threat hunting indicators of attack


Security Infrastructure Management

Objective: Provide expert support services for timely patching and remediation of your IT and security systems.

Services Overview: An expert infrastructure management and cyber security team who manage the security devices including SIEM and detection systems. The security infrastructure management function is critical to maintain effective levels of detection. The team monitors the health of security devices using our 24x7 NOC, continuously refines the SIEM use cases, automates portions of the playbooks to reduce response time or improve productivity, and builds integrations to other security (e.g. firewalls, IPS, etc) enabling rapid response capabilities in defined threat scenarios.

Service Components

SIEM deployment, management and tuning

Security products optimization

EPS reduction

Vulnerability and patch management

Availability monitoring

Case management

Service reporting


About CyberProof

CyberProof is a security services company that helps companies increase cyber resiliency. We reduce risk by managing and operating a newly architected Security Operation Center (SOC) that dramatically reduces costs while increasing the ability to rapidly react, detect and respond to cyber-attacks. We provide pioneering services that utilize new technologies, machine learning and fuse diverse sources of intelligence together to keep your organization safe from cyber threats.

For more information visit www.cyberproof.com