Cyber Security tailored to your business
Trust our team of experts to defend your systems and data around the clock, 24x7, every day of the year.
Schedule a chat with our specialist and solution architect to determine the best services for your current level of security and your cyber set-up.
This service is the core of the Managed Detection and Response service portfolio: 24x7x365 monitoring.
Our team deploys a Security Information and Event Management (SIEM) solution, which provides endless telemetry from various devices and brings together information from across your systems. It paints a picture of what ‘normal’ looks like and lets us know if something out of the ordinary is happening.
Includes:
Our assess service regularly scans your whole network to look for vulnerabilities in your technologies.
Our experienced team review the outcomes with you and build remediation plans.
Without a Vulnerability Management service such as this, you’re not going to be aware of issues such as missing patches or misconfigurations an attacker could be targeting.
Includes:
Where security threats are identified and triaged, the Triskele Labs SOC will act where agreed and possible to remediate the threat.
This will occur through the tools Triskele Labs will have access to including EDR, Mail Gateway and SIEM.
Includes:
We build a suite of playbooks based on your organisation’s unique situation, and our technology takes an automated action based on the threat.
Our Advanced service involves our Security Orchestration Automation & Response (SOAR) platform, integrated tightly into our Security Information and Event Management (SIEM) and your existing infrastructure.
Includes:
Sometimes Threat Actors can dodge even the best monitoring systems, so our expert team of Threat Hunters use Endpoint Detection & Response (EDR) tools to find the needle in the haystack.
Our Cyber Threat Intelligence (CTI) team are continually scouring for new threats and provide the Tactics, Techniques and Procedures (TTPs) to our team to conduct ongoing hunting.
Based on this, we build new customised detections to ensure we stay ahead of the game.
Includes:
Led by the Red Team and defended by the Blue Team, our teams conduct ongoing Adversary Simulation Activity aligned with the MITRE ATT&CK framework to ensure the relevant controls are in place.
Following the activities, our teams report if threats were identified or not.
Where threats were not identified, detection rules will be implemented, technology and logging permitting.
Includes:
Our dedicated Cyber Threat Intelligence (CTI) team is continually identifying new indicators of compromise, clues that point to a data breach, and TTPs to find out what is being used in the wild.
Includes:
Our WhiteGlove service provides Incident Response and Containment services, for an event where a Threat Actor has managed to compromise a host(s) and gain persistence, move laterally or otherwise further compromise the network.
The WhiteGlove team will be initiated to commence investigation into the origins of the attack, its root cause if possible and any potential or actual impact, along with recommendations regarding next steps.
Unfortunately, cyber security attacks happen all the time, which is why we’re always watching.
If a Threat Actor does manage to get through your security, we’re ready to respond instantly.
Our teams will be immediately deployed to contain the incident, mitigate any potential damage and identify exactly what happened, all while keeping you informed every step of the way.
If you’d like to discuss Security Operations Centre services, and how they might work for your organisation, drop us a line.