There are three tiers of ASOG cyber security services, each having vital functions. Tiers 1 and 2 have two common foundations with security monitoring tools to receive relevant information from both inside and outside the network (e.g., persistent outbound data transfers, login/logoff, firewall activity, etc.). These systems also monitor cloud and on-premise infrastructure services like DNS, email, web, domain controllers, and active directory services. Each sends information to log analysis, endpoint detection and response or security information and event management tools. The third tier of ASOG cyber security is leveraging these tools to enable operations with complete invisibility anywhere in cyber space. The three tiers of ASOG services are:
Tier 1 – Triage.
This service is passive in nature and focuses on potential threats that are passing through the network, automatically blocks and logs them and reports them back to the client. This encompasses scanning and inline deep packet inspection to look at the content and type of data in order to respond as appropriate (next gen firewalling). The response will be either to alert, block or let data pass on a 90 day rolling log. This log allows the client to have evidence for investigation in case of an exploit. This service is not “live”, but allows for inspection and analysis after the fact. Log reports are supplied at intervals agreed with the client. Additionally, this service encompasses a master-slave relationship in order to assure the client doesn’t experience any downtime (failover integrity for the system).
Tier 2 – Real Time Protection and Response.
This takes Tier 1 capabilities and make them “live” allowing real time alerts, reaction and protection to stop an incident as it happens. It is pro-active, not passive. It uses an integrated suite of the most advanced software coupled with automated agents that stand guard at each authenticated endpoint. This PEN tested service will protect the client from virtually all outside attacks, exploits and hacking and even some internally generated human errors or sabotage.
Tier 3 – Incredible Invisible Cyber Search (Zero-Trust Networking).
This tier creates a cyber “cloak of invisibility” for untraceable and untrackable searches and stealth operations including the dark web and deep web. This tool provides total anonymity and is a must for a wide variety of businesses including law firms, competitor searches, journalists, law enforcement, international business travelers, etc. It is available in standalone as well as mobile laptop configurations. This is a proprietary capability that will be demonstrated at ASOG and followed with training both at ASOG and on-site.
While many cyber security providers claim end-to-end security services, most fall woefully short and are only able to perform at ASOG’s Tier 1 level. Moreover, most end-user organizations do not have the confidence, talent, or skills to contain and respond to a data breach.