Security Patrol

Managed Services

Providing protection, detection & control capabilities for both operational and technical cyber risks.

Why do I need Security Patrol Managed Services?

Secrutiny’s Patrol Services monitor all aspects of IT and behaviour to inform of change and risk as it appears in the business, be that bad practice from internal or third-party IT support teams, or an external phishing link with weaponised content sent to exploit the user.

The Patrol Services will alert on the following:

 

  • Policy violation.
  • Internal bad practice or misuse.
  • Increased susceptibility due to build or configuration weaknesses.
  • External attack.
  • Third party misuse or bad practice.
  • Unauthorised or suspicious user behaviour.
  • Targeted intrusion and insider.

What are the Patrol Services?

Network Patrol
Network communications entering, leaving and traversing an organisation are a source of important real time data; it informs who is communicating what to where. Therefore, forms a mandatory information feed for detection, investigation and validation of potential threats.

Network Patrol can also assist in identification through vulnerabilities being exploited, such as, inadvertent or malicious human actions or data breach due to systems being compromised.

Policy Patrol
Today organisations face a catch-22: you want to allow cloud communication and collaboration services as they can increase productivity and efficiency but by doing so, the risk of loss of sensitive data increases significantly.

Data Loss Prevention (DLP) policy and good practice behaviour must be maintained and monitored to limit the risk of Data Loss or Sabotage; the Policy Patrol Component does just that.

User Patrol
The biggest risk to an organisation is the user; for material breach, an attacker needs to compromise a user and assume the privilege given for their credentials, while an insider will abuse their privilege to access target assets. To mitigate these goals being achieved monitoring of access behaviour is required.

In the event of an alert of suspicious activity based on out of profile usage or evidence of known compromise the User Patrol Component can take remedial action based upon policy to block the activity or access or request re-authentication of the user.

Endpoint Patrol
No Endpoint Protection Technology provides a fool proof solution. Endpoint Patrol augments protective technologies by alerting on unusual behaviour, which can signify misuse or breach, and changes to posture, which can increase susceptibility to attack such as Operating System, Productivity Applications and Antivirus build variance and patch compliance.
Control Panel
The Control Panel is Secrutiny’s centralised security incident management system with advanced alert validation and forensic investigation toolset to confirm alert severity and remove false positives along with threat intelligence to enrich alerts. Alerts generated from the Service Components are processed through an orchestration engine which ensures that the appropriate response playbooks are applied.

For a 360o view, the Patrol Services can be extended with the ingestion of other data sources such as existing security technologies, activity log repositories and finance systems.

WANT TO LEARN  MORE?
BOOK A DEMO…

See how Secrutiny’s Managed Patrol Services provide protection, detection and control capabilities for operational and technical cyber risks, just fill in your details below.

Keeping you up-to-date

*We’d love to keep you up to date with security alerts, free tools & techniques, event invites and company updates. We’ll always treat your details with the utmost care and will never sell them to other companies for marketing purposes. Remember you can change your preferences and opt-out at any time.