HANA.EXPERT's Rapid Detection Service helps prepare your organization for advanced cyber attacks, before and after they happen. Our fully managed service is designed to detect the most skilled of attackers, whether they're using malware or non-malware tactics, techniques, and procedures. It enables you to respond to threats promptly, with actionable guidance from our experts. Attackers will first gain access to your IT infrastructure. This typically happens either by exploiting a known vulnerability in one of your servers, or by using a combination of spear-phishing emails and a web or document exploit targeting, for example, one of your customer-facing teams.
After gaining the initial foothold in your IT infrastructure, the attackers will try to access the data or gain the control they are after. Typically, they accomplish this by using existing IT administrator tools included in Windows, Mac and Linux operating systems such as PowerShell, Windows Remote Management and Service Commands.
In a 1300-node customer installation, our sensors collected around 2 billion events over a period of one month. Raw data analysis in our backend systems filtered that number down to 900,000 events. Our detection mechanisms and data analytics then narrowed that number to 25. Finally, those 25 anomalies were analyzed and handled by experts, and 15 were confirmed by the customer to be actual threats. In each of these 25 cases, our Rapid Detection Center alerted the client within 30 minutes from the moment the anomalies were flagged.
For more information, please contact: