Secure

Asset discovery involves keeping a check on the active and inactive assets present in your network. The tools used for this generally analyze the asset clusters and identify the relationships between their usage, the network, and devices.

It is important to know which software modules are installed in your network. Interestingly, most employers and security professionals are unaware of the tools being used on their network, therefore an asset discovery tool is required. The main services an asset discovery tool provides are: 

Diagnosis of problems / faults & resolving them

Device management

Asset maintenance

Configuration management

Mitigation of security risks

Avoidance of unlicensed software packages (and hence, avoidance of malware and threats)

Eliminating commercial risks arising due to the exposure of organization’s sensitive data to unauthorized people/tools

Behavioral monitoring helps security teams quickly pinpoint unusual activity and act upon it. Also known as user and entity behavior analytics (UEBA), behavioral monitoring gathers data to build profiles for different types of users. It can then use those profiles to identify and flag potential threats. It has the potential to catch emerging threats before traditional, signature-based tools.

Here are some examples:

A remote employee usually accesses the virtual private network (VPN) from her home and from a nearby coffee shop. In the space of 30 minutes her login credentials are used from two different cities on different continents. Behavioral monitoring tools can detect the credentials being used from two places thousands of miles apart and raise an alert.

An accounts payable clerk usually works in the corporate office between 8 AM and 6 PM, Monday through Friday. As part of his usual work, he accesses the accounting system, a shared finance folder, the company intranet, and the inventory system. On his lunch break, he usually reads political news websites and occasionally listens to streaming news broadcasts during the day. Behavioral monitoring would flag these actions:

Logging in from a different location

Attempting to access different systems or files (source code, human resources files, or mergers and acquisitions information)

Logging in at 1 AM

Connecting to servers in China or Russia

Any of these activities taken alone could be legitimate user behavior that a security analyst could verify by talking to the user. Taken together, these events could indicate a security compromise. Behavioral analysis allows companies to move quickly to respond to threats and stop attackers before they can exfiltrate data or cause damage to the company’s systems and data.

An intrusion detection system (IDS) is a vital element of a truly successful solution. It flags up inbound and outbound malicious traffic, so you can take proactive steps to safeguard your network. An effective IDS keeps your IT personnel informed, so they can respond rapidly and with precision to a potential threat.

Firewalls and anti-malware programs are just one small part of a comprehensive approach to security. When a network grows, and unknown or new devices regularly jump in and out, you need intrusion detection software. This software should be capturing snapshots of your whole system, using knowledge of potential intrusions to proactively prevent them.

SIEM tools work by gathering event and log data created by host systems, applications and security devices, such as antivirus filters and firewalls, throughout a company's infrastructure and bringing that data together on a centralized platform. The SIEM tools identify and sort the data into such categories as successful and failed logins, malware activity and other likely malicious activity.

Pantera's Vulnerability Assessments provide a complete evaluation of existing and potential vulnerabilities within your organization with the end result of improving your security posture. The evaluations are designed to proactively identify and prevent the exploitation of any existing IT vulnerabilities.

Our main objective is to identify cyber security weaknesses and test how far a potential exploit can compromise your network. We also test your organization's security policy compliance, the effectiveness of your employee security awareness training program, as well as your ability to identify and respond to cyber security incidents.