Technologies such as firewalls and anti-virus attempt to keep malware from entering the network in the first place. We utilize state-of-the-art prevention technologies such as SonicWall firewalls, Cylance endpoint security and Proofpoint email security. But we also understand that none of those can guarantee the safety of your network. Despite all the available technologies, some malware manages to get past those defenses and onto devices on a trusted network.
Most malware, except for categories such as ransomware, doesn’t want you to know it’s there. It wants to hide from you as long as possible. That’s why we’ve developed an advanced threat detection system that monitors the activity on the network and detects when malicious activity occurs. Even when a host on your network exhibits no outward symptoms of a problem, if compromised it will begin to behave differently in ways that can be detected. Cerdant’s Threat Detection System listens for that activity. We look for nearly 2 dozen behaviors that compromised devices often exhibit. When the system detects that activity, it automatically assigns the case to one of our Security Analysts for further investigation. Once a problem is identified, we contact you and work with your team to take the next steps to eliminate the problem.
A large percentage of your organization’s network security hinges on your ability to detect and respond to threats quickly and efficiently. With limited time and resources, the essential review and monitoring of security events is often neglected, and malicious activity on your network goes undetected. With the Cerdant Sentry Managed Security Service and network monitoring solutions, our team of security experts acts as an extension of your IT team so that you can focus on your business with the confidence that your network is being properly monitored and threats are being identified and responded to.
Monitoring user and administrator activities is a vital piece of any Threat Detection solution. Cerdant will constantly be monitoring for behavior like multiple firewall login attempts, strange downloads or file transfers, and connections to unknown foreign IP addresses, among many others. We will filter out the noise and open actionable cases to investigate this activity as part of your data loss prevention plan.
Our Cerdant Sentry Threat Detection system will identify devices on your network that are taxing network resources and reaching out to known botnet IP addresses. A Cerdant Network Security Analyst will work with you to identify the infected machines so that you can remove them from the network.
The proprietary Cerdant Trust Center enables our Security Analysts to create custom rule sets for each client firewall, enabling us to provide accurate and customizable alerting. We can also set expiration dates on any rules that you want in place to suppress traffic only for a set period of time.
Cerdant will flag customer traffic that contains malicious IPs by cross-referencing it against daily scans of the largest IP Reputation Databases. If traffic is flagged, a Cerdant Security Analyst will investigate fully to determine if a threat exists. This feature can also take an identified malicious IP and compare it across multiple customers’ traffic to determine if there is a widespread cybersecurity event occurring.