TCW Managed Threat Detection and Response
Cyber-attacks are not just limited to business hours. In order to defend networks and devices against malicious threats and abnormal user behavior that might be indicative of a data breach, our Security Operations Center (SOC) operates continuously 24 hours a day, 7 days a week, 365 days a year.
TCW’s security service offerings include our ground-breaking Managed Threat Detection and Response Service. This service combines the collection and analysis of logs (Security Information and Event Management, or SIEM) with a 24/7 Security Operations Center (SOC). In short, this means that we not only detect threats, but we actively review and investigate them. Trained security experts and analysts actively look to detect and neutralize threats, resulting in the best possible protection while ensuring company uptime.
The Cost of an Attack or Breach
The costs surrounding a cyber-attack or data breach are continually growing. In 2016, the estimated cost of such an event, with all things considered, totaled approximately $4 million. Given the recent trends in 2017, this cost is expected to rise. Many small-to-medium enterprises simply cannot afford the potential cost of an attack. In certain unfortunate situations, some of these organizations have had to permanently close their doors following an attack or breach. Moreover, if it is found that the organization did not adhere to regulatory legislation, the cost may rise drastically due to legal fees.
Security monitoring of your system can potentially save your business millions of dollars and ensure regulatory compliance. In a two birds, one stone fashion, TCW will not only prevent costly attacks but save you money.
24/7 Security Operations Centre (SOC)
At TCW we are committed to pairing the right technology with the right people to make sure that threats are detected and responded to in as short a time frame as possible. In order for us to offer an excellent security service we need to have a truly extraordinary SOC. To that effect, we have partnered with the people and technology that enable us to not only detect threats but also respond to them.
One Service takes care of it ALL:
- 24/7 Security Operations Center (SOC)
- (SOC)-as-a-Service
- Cloud-based Security Information & Event Management (SIEM)
- (SIEM)-as-a-service
- Incident Response Team (IRT) and Forensics
- (IRT)-as-a-service
Identify and Address Threats:
- Port scans, host scans, denied scans, sudden change of traffic between certain IPs and other anomalies in traffic.
- Network server/device and admin logon anomalies, authentication failures at all times and unusual IPs.
- Network access irregularities from VPN, wireless logons and domain controllers.
- Account lockouts, password scans and unusual logon failures.
- Rogue endpoints, wireless access points.
- Botnets, mail viruses, worms, DDoS and other “zero day” malware identified by cross-correlating DNS, DHCP, web proxy logs and traffic flow.
- Abnormalities in web server and database access.
Compliant with most Regulations (HIPAA, PCI-DSS, NIST, SOX, GLBA, FDIC):
- Full Log management: long-term storage, archival and retrieval.
- Raw log storage, archival, and retrieval
- Event Log Correlation and Threat Intelligence
- Log and alert analysis
- 7 year log retention policy
- Infosec incident report
- Executive Summary and Compliance report
- 100% US based and SOC 2 Certified