Threat Detection and Prevention
Security Information and Event Management Platform (SIEM)
Do you have clear, real-time visibility of every element of security across your entire IT estate? Are you able to view security events and log information from network devices right through to desktops and applications on a single monitoring interface? If the answer is no, you should be looking at implementing a Security Information and Event Management Platform (SIEM). SIEM platforms provide organisations with the capability to gather, analyse and present information from almost every element of your infrastructure, including:
- Network and security devices
- Identity and access management applications
- Vulnerability management and policy compliance tools
- Operating systems
- Database and application logs
- External threat data
This unified source of information empowers your security team to understand threats as they manifest, so the necessary actions can be taken. Metaphor IT work with some of the industry’s leading SIEM vendors to provide you with total visibility and control of your IT estate. We also provide bespoke monitoring and management services to maximise your investment in a SIEM platform.
Open Source Security
Enterprises across all industries are increasingly using open source software to build higher quality software, faster and cheaper. Yet thousands of open source vulnerabilities exist within the majority of application portfolios and security appliances, often unbeknown to the organisation or vendor. It is highly likely that a substantial amount of the software and firmware within your organisation has been created with some open source code and libraries. We can help your organisation promote the use of open source software whilst mitigating security risks. Through comprehensive analysis of your software portfolio, Metaphor IT can highlight vulnerabilities so you can take the required remedial action.
Threat Protection (ATP / DDOS)
In the media we constantly hear of attacks taking place on organisations. These usually take two different forms: those intended to disrupt service, and those intended to steal data and hold it to ransom. The sole purpose of a Denial of Service attack is to take down public facing services such as websites. A DoS or DDoS (distributed) attack sends millions of connections to a given endpoint until it is no longer able to handle them, taking the service down. The attack typically originates from endpoints infected by malware, which lies dormant until the command is remotely executed to carry out the attack. An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage or affect the service.
Do you have a public facing service that could be subject to a threat? Do you have data that could be used to damage your reputation or hold your organisation to ransom? Metaphor IT work with leading technologies that protect, secure and keep your services live, mitigating downtime and data loss as a result of malicious attacks.