Vulnerability Management

SG Technologies make it easy for business to reduce the attack surface by focusing on vulnerability management and user training awareness – for a start! In second quarter 2017, it was shown that 67% of all data breaches have occurred as a result of phishing exploits. This sends a clear message to SMEs that staff awareness training combined with an always ‘on’ cloud vulnerability service, can move then towards higher compliance levels.

The SG Technologies Managed service can be a ‘on or off’ premises deployed virtually or with hardware components. The service is tailored to your requirements, and can grow with new sources of data and events that are meaningful for your organization’s objectives.

Security Maturity Model

Security maturity and posture can be measured by the systems and protections organisations have in place. Many SMEs simply seek PCI compliance technology, as they are handing thousands of credit card or similar transactions. More mature companies look at internal and external penetration testing possible with some in-house skillset, but more likely outsourced services. SMEs in many cases do not have the skillset to be able to deploy baseline vulnerability management services or web application scanning, which adhere to high level of security policy compliance. Larger companies typically have a plethora of IT security personal that is matched by using expensive Security Incident and Event Management Systems (SIEM).

Good cyber security practice doesn’t need to be complex. SG Technologies Managed Security has developed a ‘security visibility’ dashboard that ingests data from a few disparate security vendors, that ultimately allows SMEs to move to a higher security posture. We provide reporting and management solutions from PCI compliance, penetration testing, vulnerability and web application management to a compliance policy level, not normally attained by SMEs.

Vulnerability Management Service

SG Technologies Managed Vulnerability Scanning service helps reduce your IT Systems’ available attack surface by proactively identifying vulnerabilities across your environment, prioritising them based on business impact and technical risk, and providing remediation guidance. The service includes world leading vulnerability assessment technology from Qualys which is tightly integrated with the SG Technologies cloud dashboard and is fully managed by SG Technologies team.

The SG Technologies Vulnerability Management Service comprises the following core components:

  • Initial implementation including asset inventory and enrolment in Qualys service
  • Monthly Qualys vulnerability scans
  • Emailed monthly reports
  • SG Technologies cloud based Security Portal (Dashboard)
  • Additional scans on demand to address exceptional security events
  • Access to SG Technologies security team for ad-hoc assistance
  • Included in the dashboard is ‘user awareness’ training with friendly phishing components

How does the service work?

SG Technologies uses the industry-leading Qualys Cloud platform to ensure that vulnerability management scans are comprehensive and that the vulnerability database is up-to-date with the latest zeroday threats. As part of the service, SG Technologies will install and manage the Qualys Vulnerability Management technology, along with user awareness training modules.

Vulnerability management scans are undertaken on a monthly basis, forming an integral part of continuing patch management compliance. As part of the service, one additional scan per month can be undertaken to address exceptional security events as they occur.

The Qualys platform is tightly coupled with the Dabble cloud based security portal providing access to detailed drill down information of vulnerability status.

SG Technologies security portal enables vulnerability management best practice by providing:

  • Immediate visibility into where you IT Systems are vulnerable and can be compromised
  • Up to date database of vendor patches
  • Malware detection – continuous update on zero-day database
  • Analysis of missing patches, including the severity level
  • Identification of missing patches at the OS and application level
  • Detailed drill-down access to vulnerability information
  • Automated reporting for security and compliance
  • A single pain of glass – the ability to add new security features into the dashboard.

In addition, we will provide access to Dabbles security team for assistance in vulnerability identification and patch management.

User Awareness Training

The user awareness training module is linked the Dabble dashboard, as part of the vulnerability platform. We provide ongoing Phishing and awareness simulation services. The service provides continuous assessment of the susceptibility to phishing attacks and raises awareness of employees to the types of email and embedded links that may be contain malware or other advanced threats.

The service comprises 2 core components:

    • Phishing simulation campaign to assess and track vulnerability; and,
    • User Education Programme to raise overall awareness of security issues surround email, attachments and web browsing.

SG Technologies will tailor the service to meet the customer’s specific requirements by designing a range of templates and education appropriate to the employees and underlying industry segments. The templates will be designed to minimise the chance of email landing in employee spam or junk folders.

Different types of simulated phishing email can be configured such as ‘drive by attacks’ that provide a tempting message for employees to click right through to more complex ‘data entry’ attacks that ask an employee to enter personal data in an external site. Different attack profiles ensure a comprehensive assessment of phishing awareness within the organisation.

Roadmap Dabble Dashboard

The SG Technologies Dashboard acts as a central repository and management interface for many events and logs of interest to your business. The roadmap is adaptable around what may be relevant for your business. If you need to look at a certain performance metric we can look at ingesting details into our dashboard. However, in the near future we are looking at the follow sources.

  • Flow intelligence (Netflow)
  • AD Queries
  • BRO Qualys Compliance Scans
  • Service Desk Integration
  • Email Alerting
  • Machine Learning
  • More SIEM-like functionality

Dabble Security Services

No single mitigation strategy or control is guaranteed to prevent cyber security incidents. Supporting our managed service products, we can provide rich security governance services. As such, Dabble provide expertise across a broad spectrum of security solutions including:

  • Managed Security Visibility Services
  • Security Strategy and Governance
  • PCI – DSS Compliance
  • Vulnerability and Patch Management
  • User Awareness and Phishing Simulations
  • Traffic Profiling and Visibility
  • Active Security and Penetration Testing

Strategic Partnerships

SG Technologies IT have formed strategic partnerships with industry leading vendors to deliver world class solutions in the area of security and network visibility, these vendors include:

  • Qualys – security vulnerability and compliance
  • Security IQ – user awareness education and phishing simulation
  • Elasticsearch – analytics engine
  • Ixia – network packet broking and test & measurement solutions