To protect your business against cybercrime, Aramys offers you the Mira Soc solution, a managed service for detecting and protecting your information system against cybercrime.
"Cybersecurity is not just about technology, it's also about processes and people".
Feedback on attacks carried out by cybercriminals shows that today's attackers have often been present within a company for several weeks. This enables them to obtain all the information they need to annihilate any remedial action and to steal the content they want.
Standard security solutions are very often circumvented, and their effectiveness is greatly diminished by cyber-malware. For example, traditional anti-virus software only detects 30 to 40% of current attacks.
The ever-increasing evolution of attack techniques used by cybercriminals means that we need to make progress in our solutions for combating cybercrime. The need for security tools to detect weak signals of compromise is well established.
The first EDR (Endpoint Detection Response) solutions to appear on the market, using sensors to send metrics back to a database, proved their effectiveness, but unfortunately the results were only very partial because only the endpoints sent back information.
Detection
Investigation
Respond
Reports
XDR (eXtend Detection Response) solutions, using a global approach to detection and remediation, collect and correlate detections and in-depth activity data across multiple security layers: email, desktop, server, cloud, collaborative tools and network.
This approach of consolidating events into a data lake enables the application of features such as artificial intelligence, predictive models, behavioral analysis and many other techniques that attackers are already making full use of.
Seeing the attack-centric, graphical timeline provides answers in one place:
How was the user infected?
What was the first point of entry?
What other element/user is part of the same attack?
Where did the threat originate?
How has the threat spread?
How many other users have access to the same threat?
Data collection and processing enable security postures to be provided, such as Zero Trust, which is a proactive defense strategy, and Mitre Attack, which is a matrix of tactics, techniques and basic knowledge of adversaries against cybercrime.
To put all this knowledge to work, Aramys has built an XDR Mini SOC offering that meets the cybersecurity needs of the endpoint and more:
24/7 monitoring of events by the Aramys service center in collaboration with TrendMicro analysts.
Incident investigation and reporting, including analysis and recommendations. (Qualification of alerts, questioning of false positives, classification of the threat and notifications on proven alerts).
Threat response with intervention from remote consoles (threat isolation, response actions, remediation, action plan) for up to 6 hours per month.
A cybersecurity expert is on hand once every 3 months to provide a summary analysis of the solution and areas for improvement in terms of perimeter security.
Simulation of a phishing campaign using TrendMicro's Phish Insight tool.
Automated actions are possible on critical incidents: network isolation, process and application shutdown, registry key deletion, etc.
Manual actions are possible on incidents from the Vision One console are live analysis request with the CDS.
Periodic on-site review by a qualified Aramys expert, to examine a company's operations or processes on a regular basis.
Correlation and prioritization of alerts 24/7 using automation and analysis, only on events that require further investigation.
The service capitalizes on Trend Micro's various products, making the most of its ability to detect and monitor changes in IT security risks.
Issuance of SOC analyst reports for all incidents requiring investigation, to strengthen transparency and accountability in cyber security.