Aujas Cyber Defense Center, an ISO 27001 certified Global Delivery SOC (Security Operations Center), has gone live in Bengaluru. It is designed to extend the capabilities of SIEM (Security Incident and Event Management) solutions and to provide threat detection, actionable threat intelligence and endpoint response, helping security professionals hunt and mitigate complex and persistent threats.
Srinivas Rao, Co-founder and CEO of Aujas, said, “Today, more than 70 per cent of security incidents are reported by third parties, often as late as six-nine months after the event. The data signifies that enterprises today have weak monitoring capabilities driven by detecting and alerting familiar attacks. This leaves a window of vulnerability which malicious agents can easily and repeatedly exploit.”
He further added, “If a bank or an insurance provider’s network is breached, then the customer’s assets, as well as personal data and reputation, are on the line. So the key question is do you want your security teams to play on the back foot and wait for malicious attacks or should they start playing on the front foot and stop an attack before it happens? Wouldn’t you sleep better knowing you have the right people, employing the right tools, actively hunting threats 24/7?”
In 2017, the threat landscape consisted of 58 per cent known threats and 42 per cent unknown threats. Further, the share of unknown threats is likely to exceed that of known threats before 2020, according to the IBM X-Force Threat Research report.
“It is true that technology has evolved and the modern SIEM is truly an integrated solution built on a common codebase, with a single data management architecture and a single user interface. This helps with better correlation, integrated with tactical threat intelligence feeds, capability to link assets with vulnerabilities and do prioritization with run book automation, but still, that is not enough,” said Rao.
To enable preemptive protection, Aujas Cyber Defense Center incorporates:
- Proactive Threat Discovery, combining three elements: actionable threat intelligence based on the customer's critical assets, industry segment and geographical threat vectors; proactive threat hunting on a big-data platform that ingests customer logs and packets and uses machine learning to identify anomalies; and managed deception to lure attackers and improve true positives
- Advanced Threat Detection using a Next Generation SIEM with the flexibility to use kill-chain based use cases and threat model-based protection, capture full packets and flows, integrate with an organisation's critical assets and vulnerabilities, use tactical threat intelligence feeds and provide a single pane of glass
- Incident Response Platform Automation to improve SOC efficiency, provide single-view visibility and reduce time-to-respond by 90 per cent
- Endpoint Detection and Response tools to detect and respond to outsider and insider threats, contain future attacks quickly and manage APT attacks effectively
At the Aujas Cyber Defense Center, a team of certified security professionals scans clients' networks for suspicious behaviour round-the-clock. It collects threat data from the external landscape and combines this information to identify risks. It also filters out false positives and deceptive signals, validates real risks and prioritises them. The team then recommends rapid counter-measures to provide complete cover against threats and intrusions in real time. Finally, they conduct a detailed root cause and impact analysis and recommend policy and rule changes to preempt future attacks.