Cyber Security Essentials Inclusions
Script / Macros Control – Real Time –
This stops unauthorised scripts from running. It will identify malicious scripts within Excel documents and determine the correct action based on AI analysis. It prevents the execution of PowerShell scripts. It supports granular whitelisting and safelists.
Detect and quarantine malicious files – Real Time
You can add files identified in threat events to a quarantine list or a safe list for handling future events.
Real-Time Protection
Malware detection and response with zero latency. Threats, such as malicious email attachments, are eradicated before their payloads can be detonated.
Memory Protection – Real Time
It will proactively identify and stop malicious use of memory. It will prevent memory-only attacks such as privilege escalation. It supports granular exclusions and enhanced troubleshooting and reporting.
Device Usage Policy Enforcement – Real Time
It will control the use of USB mass storage devices. This will help prevent data theft via removable media.
24/7 Detection and Automated Response
The AI monitors devices continually and takes action immediately after detection or activity occurs. The action will be based on the type of attack but could range from stopping the process and undoing what occurred to isolating the machine.
Phishing and Malicious URL Detection – Real Time
AI will automatically detect and stop malicious URLs, including those with embedded phishing elements.
Email Phishing Campaigns – Twice per month.
We will perform a quarterly phishing campaign. This will allow you to test the training and identify employees who need additional reinforcement training.
Device Usage Policy Enforcement – Real Time
Controls which devices can be used in the environment, eliminating external devices as a possible attack vector.
Apply Best Practice Lockdown to M365 Tenant – Quarterly
We will configure your M365 Tenant for best practice lock down settings.
True Zero-Day Prevention / Ransomware Protection – Real Time
It will prevent Zero-day payloads from executing using a resilient AI model. It uses AI and machine learning — not signatures — to identify and block known and unknown malware from running on endpoints, providing true zero-day prevention.
External Penetration Testing – Quarterly
We will perform a penetration test against all of your public IP addresses. This will identify and allow us to lock down any attack vectors which may be used by an attacker.
Internal Penetration Testing – Quarterly
We will perform a penetration test against all of your public IP addresses. This will identify and allow us to lock down any attack vectors which may be used by an attacker.
Vulnerability Testing – Quarterly
We will perform a penetration test against all of your public IP addresses. This will identify and allow us to lock down any attack vectors which may be used by an attacker.
Dark Web Monitoring – Real Time
We will run dark web scans looking for references to your company domain or any breached passwords.
Online Security and Phishing Training- Twice Monthly
This training will consist of a series of longer quarterly training and snapshot monthly training. Full reporting on training completion is available.
Workplace Security and Policies – As Required
We will provide sample workplace policies. You can customise and use these within your own portal or use a dedicated company portal within the training to store these and make them available to employees.
Threat Hunting and Root Cause Analysis – As Required
Mitigate previously exploited attack vectors and eradicate hidden threats with on-demand targeted threat hunting.
Application Control for Fixed-Function Devices – As Required
Ensures fixed-function devices are in a pristine state continuously, eliminating the drift that occurs with unmanaged devices.
Role Based Access Controls (RBAC)
It will limit employee access rights to only the information they need to do their jobs. We will work with you to set this up. It minimises risk with a more granular role management. It allows you to improve restrictions to network access-based information they need to do their jobs. Best of all, it will be a minimal impact on existing users.
Managed Security Operations Centre and SIEM (Optional)
In our Managed Security Operations Center (SOC) we have trained security personnel monitor and manage security for your business network. We will detect, identify, and respond to potential security threats in real-time. SOCs are responsible for handling security monitoring, threat detection, capacity planning, and threat response. It prevents security breaches by keeping your network and data safe from malicious attacks.
A SEIM (Security Information and Event Management) system is a software solution that collects, correlates, and analyzes security-relevant information from various sources throughout an organization’s IT environment. It helps our Soc teams to identify potential security threats, mitigate risk, and improve compliance by providing real-time alerts, reports, and analytics on security events and vulnerabilities.
Essential Eight Audit and Compliance
If you require a more comprehensive Cyber Security Footprint or you need to comply with the ACSC Essential Eight our Cyber Protect Managed Services is the solution you are looking for. We will both supply the tools and specialist knowledge required to get you up to level one and beyond.
We have certified accessors on staff who can measure your business against the Essential Eight Guidelines for Compliaince.
