Provides the Protect-Detect-Remediate defense framework, a best-practices approach for defending against APTs. Secnic can provide a complete, integrated protect-detect-remediate defense for any IP-enabled device in your organization.
- Protect – In this phase, it’s important to stop infections from happening by identifying and blocking inbound threats such as zero-day malware, worms, viruses, trojans, malicious URLs, and infected IP addresses.
- Detect – Whether through malicious insiders or gaps in your defense, infections will eventually occur. At this phase, you need to be able to detect infections and data exfiltration attempts, and to intercept communications from a botnet to its command and control (CNC) server.
- Remediate – Once a threat has been identified, it is critical to immediately contain further damage by blocking CNC communications and stopping all data exfiltration. Then the security team can correlate data and run forensics to identify the affected systems, do a root cause analysis, and heal the infections.