MANAGED THREAT GATEWAY SERVICE

REDUCING YOUR EXPOSURE BY BLOCKING GLOBALLY IDENTIFIED THREATS


The Effective Defence Strategy


An effective information security program should not leave your organization exposed to previously identified threats. An essential capability of any security program is to defend the organization against invasive threats that target vulnerabilities, breach systems and compromise data.

CyberStash helps organizations get ahead of the game by blocking globally identified sources of threats whether they are associated with malicious IP addresses, domains or countries. Delivered as a managed security service with flexible subscription options, CyberStash stays with you all the way to keep you safe and secure.

Download the datasheet, request a quote or contact us for additional information: Contact Us

BUSINESS CONTEXT


Defending an organization against cyber threats requires threat intelligence. At any given point, the Internet plays host to millions of IP addresses and domains with links to malicious cyber activity. As we’re all connected to a global network, none of us works in isolation, and we all face similar threats from adversarial sources that typically do not discriminate when it comes to which organizations they target. We can, therefore, leverage the collective threat intelligence gathered globally to detect and block known threats and thereby defend your business systems and sensitive information.

Predictive intelligence must be used both effectively and efficiently. Knowing about the sources of threats but doing nothing until they begin to target your organization is neither an effective nor an efficient approach to cyber security. To optimize risk and resources, the better practice is to:

  • Proactively block inbound communication from IP addresses used by attackers.

  • Proactively block outbound communication to IP addresses and domains used by attackers.

  • NextGen firewalls are incapable of processing an adequate subset of threat intelligence indicators. This leaves you operating with a limited subset, thus resulting in security coverage gaps and/or the need to invest in expensive deep packet inspection processing power to stop the massive volume of known threats.

    With close to 750 million shared threat indicators available in open-source feeds alone, a purpose-built defence capability is clearly required to consume the dynamic and growing sources of threats. The service must also automate the blocking of threats detected by other security technologies that your organization may be using. It must be risk-aware and address rapidly emerging security threats. It must also allow your security team to add their own blacklists and provide searching capabilities against known threats to support your organization’s overall cyber investigation and response capability.

    SERVICE BENEFITS


    The CyberStash Managed Threat Gateway Service delivers an end-to-end outcome for organizations seeking to completely outsource or co-manage the effort.

    Reduces organizational IT risk

    Reduces organizational IT risk by protecting against known threat sources.
    Threat indicators

    Provides global visibility of know threat indicators.
    Centralizes multiple threat-feeds

    Centralizes multiple threat-feeds through standard STIX & TAXII protocols.
    Operationalizes defensive strategy

    Operationalizes your defensive strategy using actionable and predictive threat intelligence.
    Reduces resource

    Reduces resource overhead on your perimeter firewalls.
    Automates blocking from threat indicators

    Automates blocking from threat indicators detected by your existing technologies.

    OUR SERVICE


    The CyberStash Managed Threat Gateway Service can process tens of millions of IP addresses and domain threats at line speeds ahead of your firewall. By using policy-driven automation to minimize your attack space, we vastly reduce your exposure to known threats and therefore reduce the overall risk to your organization.

    We inspect and block inbound traffic from attackers that target your infrastructure and your online services. We also inspect and block outbound traffic traversing to known malicious IP addresses, domains and countries, to prevent your data from being compromised.

    Our Enterprise-Level Service provides further assurance that your organization is being proactively protected from zero-day and emerging threats. We achieve this by actively hunting for and collecting threat indicators which are associated with emerging threats. We then publish these threat indicators to the CyberStash Threat Intelligence Gateway which is deployed on your network so that your organization is promptly protected.

    We back up our service by providing your organization with

  • Regular risks-based reports to demonstrate service effectiveness.

  • Service review meetings to discuss the trends we are seeing across your organization.
  • ITIL Aligned Service Management


    Service Level Reporting

    SERVICE LEVEL REPORTING & MEETINGS
    Dashboard with Delegated Administration

    DASHBOARDS WITH DELEGATED ADMINISTRATION
    Configuration Management

    CHANGE AND CONFIGURATION MANAGEMENT
    Incident and Problem Management

    INCIDENT AND PROBLEM MANAGEMENT
    Upgrades and Release Management

    UPGRADES AND RELEASE MANAGEMENT
    Service Level Account Management

    SERVICE LEVEL ACCOUNT MANAGEMENT