
HERE'S WHY ALL THESE ACTIONS GIVE A FALSE SENSE OF SECURITY

EDR SOLUTIONS DO NOT

A lot of attacks these days completely bypass EDR protection through various means. There’s a whole subsection of penetration testing and red teaming knowledge dedicated to bypassing EDR.

SIEMS GENERATE A LOT OF NOISE

SIEMs collect a large amount of data. Searching through that much data for anomalies and threats, and creating custom detections for them, is too much for cybersecurity employees to perform manually. This also follows what’s known as a “blacklist” approach, and doesn’t scale well for larger organizations.

FIREWALLS DO NOT PROVIDE ENOUGH PROTECTION

Firewalls do not provide enough protection for users, as it’s easy to fool a firewall into allowing malicious network connections. In addition, most attacks involve social engineering, which leverages techniques that are completely allowed by firewalls.

PENETRATION TESTS ONLY FIND WHAT THEY TEST FOR

Penetration tests only find exploitable vulnerabilities that the penetration testing team knows about, and only test the defenses for whatever is in scope for the penetration test. It's impossible for them to test every single way to exploit a system, network, or organization.

CHECK OUT OUR PREMIUM SERVICES THAT CAN ACTUALLY HELP DETECT, PREVENT, AND RESPOND TO INCOMING THREATS

THREAT HUNTING

Find imminent threats that may have been lost in the noise of your data.

HIGH VALUE UEBA

Determine a “normal” for your users, which will allow you to easily detect any anomalies that deviate from that baseline.

SIEM SETUP & CONSULTANCY

Work closely with me, a veteran of the Space Agency's cyber security team, to set up your security information and event management.

GENERAL ANOMALY DETECTION

I'll help you retrieve data from any source, identify and score anomalies within the set, and determine the appropriate action.