Threat Detection and Prevention

At Metaphor IT we take a different approach to security. Rather than alerting you once an incident has occurred, we provide solutions that constantly analyse your estate, from the network through to your applications. Based on complex trend analysis, a threat can be anticipated and stopped in its tracks. Your data is a valuable asset. How do you know if your organisation is suffering a data breach? Are you taking the necessary steps to mitigate an attack or are you simply reacting to one?

Data breaches are not just malicious external parties trying to obtain data or cause damage. More and more internal breaches are occurring where staff deliberately or accidentally take data outside of the corporate structure. The world’s biggest data breach was in fact caused by a member of staff deliberately removing data from corporate systems, and we are seeing more and more breaches caused by clients’ supply chains and partners.

We know that the security of your network is dependent on multiple components: laptops, desktops, servers, mobile phones, network appliances, firewalls, your antivirus solution and even your applications and open source software. In order to detect and prevent threats, we need to have the complete picture.

By collecting the events and logs from each component and storing them in a central location, we can perform real-time, comprehensive analysis to spot trends and patterns across your infrastructure. Our solutions take this information and process it, empowering you with the knowledge to react before a breach has occurred. If your organisation thinks it’s important to improve its threat detection, analysis and visibility, then Metaphor IT can help.

Security Information and Event Management Platform (SIEM)

Do you have clear, real-time visibility of every element of security across your entire IT estate? Are you able to view security events and log information from network devices right through to desktops and applications on a single monitoring interface? If the answer is no, you should be looking at implementing a Security Information and Event Management Platform (SIEM). SIEM platforms provide organisations with the capability to gather, analyse and present information from almost every element of your infrastructure, including:

  • Network and security devices
  • Identity and access management applications
  • Vulnerability management and policy compliance tools
  • Operating systems
  • Database and application logs
  • External threat data

This unified source of information empowers your security team to understand threats as they manifest, so the necessary actions can be taken. Metaphor IT work with some of the industry’s leading SIEM vendors to provide you with total visibility and control of your IT estate. We also provide bespoke monitoring and management services to maximise your investment in a SIEM platform.

Open Source Security

Enterprises across all industries are increasingly using open source software to build higher quality software, faster and cheaper. Yet thousands of open source vulnerabilities exist within the majority of application portfolios and security appliances, often unbeknown to the organisation or vendor. It is highly likely that a substantial amount of the software and firmware within your organisation has been created with a level of open source code and libraries. We can help your organisation promote the use of open source software whilst mitigating security risks. Through comprehensive analysis of your software portfolio Metaphor IT can highlight vulnerabilities so you can take the required remedial action.

Threat Protection (ATP / DDOS)

In the media we constantly hear of attacks taking place on organisations. These usually take two different forms: those intended to disrupt service and those intended to steal data and hold it to ransom. The sole purpose of a Denial of Service attack is to take down public facing services such as websites. A DoS or DDoS (distributed) attack sends millions of connections to a given endpoint until it is no longer able to handle them and the service goes down. The attack typically originates from endpoints infected by malware, which lies dormant until a command is remotely executed to carry out the attack. An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage or affect the service.

Do you have a public facing service that could be subject to a threat? Do you have data that could be used to damage your reputation or hold your organisation to ransom? Metaphor IT work with leading technologies that protect, secure and keep your services live, mitigating downtime and data loss as a result of malicious attacks.