SOC as a Service

Cyber Security has become an important part of any network infrastructure across industry verticals. Whether it is a small SMB, an SME or a big enterprise, business continuity depends entirely on IT and related infrastructure. This also means IT Security, or Cyber Security as it is now commonly known, has become imperative. Gone are the days when a perimeter defence such as a Firewall / UTM / NGFW and some anti-virus on the end-points were enough. Now you need multiple layers across infrastructure parameters, and you need to proactively take preventive measures and keep up your Cyber Security posture.

The SOC Gamut

Every organisation may have different needs when it comes to implementing a SOC. For some it may be purely for compliance, as their regulator mandates, but most will actually be looking at proactive security. We are not suggesting an inferior adoption of a SOC solution, but you can always avoid the high adoption Capex!

At Clyst, we say, WE PLAY ALL

Features of a 24x7 SOC include:

• Configuration and fine-tuning of critical logs with SIEM

• Create appropriate Alerts with deep dive inspection

• 24x7 monitoring of security critical logs

• Incident Response and Proactive threat detection

• Real-time email alerts with mitigation guidance

• Monthly Security Posture Report

• Regulatory compliance specific reports

• Regular Vulnerability assessment for assets under scope

Phishing as a Service

Phishing Simulator for User awareness

Empowering the users of your critical IT infrastructure forms an important part of cyber security resilience. Every security framework, guideline and data security standard talks of “User awareness”, as users are easy targets for hackers. Luring them into opening an attachment or clicking on a link is the first and easiest step for an attacker to enter your network.

This is where a Phishing Simulator comes into play: regularly sending your own users phishing mails, so that they can be trained if they fall for one and develop a habit of checking sender email and domain details before opening any attachment, even from a “known name” sender.

Doing it regularly inculcates secure practices among the users in the Organisation.

Features

• Regular multiple, custom templates

• No repeat of any old Campaign

• User trend analysis

• In-house session for IT or Concerned Finance Team (optional)

Anti-Spoofing as a Service

DMARC-DKIM-SPF based strict Anti-spoof protection

One of the core uses of the Internet for any enterprise is email communication, which makes email a core technology susceptible to different kinds of hacks. One of the oldest and easiest is to send spoofed mails from your domain ID and try to gain the trust of the recipient, in order to gain access to a system or some financial gain.

A DMARC, DKIM and SPF based anti-spoof solution, where all three mechanisms work together to verify legitimate (trustworthy) email and reject untrustworthy email before it reaches the Inbox, makes your domain safer and indirectly upholds the brand reputation of your organisation.

This service includes strict configuration of DMARC, DKIM and SPF settings, followed by monitoring of mail traffic to ensure no false positives are occurring. Deciding whether untrustworthy mails are delivered, quarantined or left without action forms the basis of this service. A well-set configuration depends on multiple factors, and automatic, well-working rejection of only untrustworthy emails can be achieved in a short period of time. At the same time, a very popular company domain with a larger number of inboxes may need regular monitoring services to ensure that mail communications are trustworthy.

Though we have a one-time service where we configure and monitor for 90 days, we recommend going for the SaaS based option.

• Optimum configuration of DMARC, DKIM and SPF records

• Cloud based monitoring

• Regular Passage and Alignment report

• Comprehensive monthly reports with multiple analysis

• Complies with any regulatory compliance around DMARC/Anti-Spoof

Virtual CISO as a Service

This has become a compliance point for most Banking, Financial Services and Insurance companies falling under different regulators. So having a dedicated in-house CISO is mandatory, or alternatively they could have a virtual (outsourced) CISO accomplishing the same purpose.

At Clyst, we have many who can don the role of a CISO, but what we offer is a single point of contact based service. A brief of our vCISO service:

• SPOC based service

• Security Architecture design

• Policy framework and implementation

• Critical POC support

Compliance as a Service

The cyber security aspect of any compliance revolves around well-known IT practice and the standard operating procedures of the IT team: how they handle critical servers and their maintenance, how a new user in the network is assigned IT assets and a username, storage maintenance and so on.

We at Clyst work with expert, certified consultants, and our strength is in getting these policies implemented in their authenticity. Having worked with many BFSI clients who fall under regulators like RBI, SEBI and IRDA in India, we can consult each and every organisation on the basics of maintaining and keeping up any compliance certification.

We recommend regular SaaS based policy mentoring to comply with the stricter norms laid down by regulators and DSS.

Assessment as a Service

Combination of Firewall Audit, Network and Security Assessment

Our trio of services can be availed as a SaaS based solution, complying with every Data Security Standard or any regulatory compliance around security assessment.

• Firewall Audit – Cyber-X-Posture

• Network Audit – NetSPA

• Total Security Assessment – VAPTrite

Having a Firewall at your network's perimeter is just one aspect of security, and it covers you from the majority of well-known and simple cyber-attacks on your network. Having said that, it is not enough, and it sometimes leads to complacency and a notional sense of security that a one-time configured Firewall, however well it is configured, is protecting you against any impending cyber-attack. Threat attack vectors are becoming more innovative, and however big or small your organisation is, a hacking attempt is inevitable. As per Gartner, through 2020, 90% of firewall breaches were caused by firewall misconfigurations, a number which they believe will be 99% by 2023. This means we are talking of just misconfigurations, not flaws of the Firewall, be it any brand.

Cyber-X-Posture

“Through 2023, 99% of firewall breaches will be caused by firewall misconfigurations, not firewall flaws.”

- Gartner

Firewall misconfigurations usually accumulate over time, and if you don’t do a regular audit, you are looking at a cyber risk.

Temporary rules created for unscanned access, disabling threat checks on Firewall Rules, creating “any port” or “any source” kind of rules are typical reasons for a Firewall becoming non-compliant.

Our own experience tells us that 80% of the Firewalls we audit have 45% or less compliance, and this is a big gap.
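
As an added illustration (not the Cyber-X-Posture tool and not part of the original page), the Python example below checks a rule base for the misconfiguration types named above: “any source”, “any port”, disabled threat checks and leftover temporary rules. The rule fields and sample rules are constructed and hypothetical, and scoring compliance as the share of rules with no finding is an assumption, since the page does not define how compliance is measured.

```python
from datetime import date

# Constructed sample rule base. Field names are hypothetical, not a vendor export format.
RULES = [
    {"id": 1, "src": "10.0.5.0/24", "port": "443", "threat_checks": True,
     "comment": "web tier to app tier", "expires": None},
    {"id": 2, "src": "any", "port": "3389", "threat_checks": True,
     "comment": "remote admin", "expires": None},
    {"id": 3, "src": "10.0.5.7", "port": "any", "threat_checks": False,
     "comment": "TEMP vendor access", "expires": date(2023, 1, 31)},
    {"id": 4, "src": "192.0.2.0/24", "port": "25", "threat_checks": True,
     "comment": "mail relay", "expires": None},
]

ANY = {"any", "all", "*", "0.0.0.0/0", "::/0"}

def audit_rule(rule, today):
    """Return the misconfiguration findings for one rule."""
    findings = []
    if rule["src"].lower() in ANY:
        findings.append("any source")
    if rule["port"].lower() in ANY:
        findings.append("any port")
    if not rule["threat_checks"]:
        findings.append("threat checks disabled")
    expired = rule["expires"] is not None and rule["expires"] < today
    if expired or "temp" in rule["comment"].lower().split():
        findings.append("temporary rule still present")
    return findings

def audit(rules, today):
    """Map rule id -> findings, plus the percentage of rules with no finding."""
    report = {r["id"]: audit_rule(r, today) for r in rules}
    clean = sum(1 for f in report.values() if not f)
    return report, round(100 * clean / len(rules))

if __name__ == "__main__":
    report, score = audit(RULES, date(2024, 1, 1))
    for rule_id, findings in report.items():
        print(rule_id, findings or "ok")
    print(f"compliant rules: {score}%")
```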

At Clyst, we have designed Cyber-X-Posture, our Firewall Audit Service, which includes finding OSINT based risk information for the organisation where the particular Firewall is connected. OSINT, Open Source INTelligence, is information available in the public domain about a company, its website, its FQDNs and even simple information such as whether it has any Windows or Linux servers accessible on RDP, Telnet or SSH.

Post the report, we also help guide the IT team in remediating open and immediately critical list items. We recommend you go for “Assessment as a Service” and get a Firewall Audit done once in two months.

Network Security Posture Assessment - NetSPA

NetSPA is more of an entry-level assessment service for a network; it ensures each network device and system is assessed for the latest critical vulnerabilities, and ensures 100% trust of the entire network.

We recommend you go for “Assessment as a Service” and get a NetSPA done once in a quarter.

Vulnerability Assessment and Penetration Testing

Security Assessments, most commonly known as VAPT (Vulnerability Assessment and Penetration Testing), are called for by many regulatory bodies trying to instil a security culture in the organisations under their purview. Most of the guidelines on Data Security Standards talk of getting a Security Assessment done for the entire network.

We recommend you go for “Assessment as a Service” and get a VA done every month, and a VAPT done once in a quarter, for a better security posture.