Your partner to detect, analyze and manage your security incidents
24 hours per day, 7 days per week, 365 days per year






Security Monitoring

Centralized monitoring of your security infrastructure, in order to detect potential threats that could compromise your company

Phishing

Detection, analysis and takedown of phishing sites that act as clone portals of your brand, compromising your image and your Customers

Cyber Threat Intelligence

Cyber Threat investigations in order to collect all information about threats that could damage your company or your business sector

Malware Analysis

Identification and advanced analysis of threats that have damaged your infrastructure or could compromise your company's security


Security Monitoring


We monitor your security infrastructure events through Security Analytics platforms and other tools used by the Security Operation Center

Correlation Events

Collection, correlation and intelligence enrichment of security events.

Security Analysis

We analyze security events, in order to detect strange behaviour and activities.

Alerting & Incident Response

We promptly notify you of possible attacks / detected threats, in order to keep you informed and support you during incident management.


Phishing


Training

Learning driven by our anti-phishing systems, in order to obtain ever cleaner, real alerts without false positives

Monitoring

Monitoring of recent clone portals and potential web fraud victims

Investigation

Threat Intelligence integration with SIEM, Security Analytics platforms and custom Sandbox solutions managed by highly skilled cyber security analysts

Shutdown

Notifying the company that, knowingly or not, hosts phishing content or provides the hosting service, in order to ensure the shutdown.


Cyber Threat Intelligence


IP Monitoring

Find references to IPs when they appear on relevant channels

Domain and Website Monitoring

Mentions of domains and websites on Pastebin, forums, IRC, and many other sources

Direct Threats Monitoring

Cyber attacks, malware and targeted campaigns



Researching events that have an impact at different locations

Identifying threats across regions, Customer sites and market segments

Products and technologies threat research

Identifying threats to the Customer products and technologies

Identifying threats against social media assets

Monitoring the company's social media assets and researching any directly stated risks, including reputation

Identifying threats to C-level executives

Detection of threats to the Customer's executives and of personal information leaked online


Malware and methods monitoring

Monitoring of criminal groups, campaigns, cyber attacks, malware and methods targeting a specific industry


Malware Analysis & Incident Response


Analysis is the process most focused on understanding threats and the potential damage they could cause, and on identifying the attack vector and its source so that the same vector cannot be used again.
Argo is the Big Analytics platform used by the Security Operation Center for Malware Analysis, together with other tools such as external feed aggregators, custom sandboxing, etc.
The Security Operation Center follows different Cyber Investigation techniques, according to the severity level:

Non-Critical Incident


Incidents for which preliminary analysis did not show traces of serious damage to the company. Security analysts will analyze the incident, involving product specialists where needed, in order to better understand the dynamics of what happened and the possible containment / resolution procedures to apply. During these tests, further elements may be detected that lead to a new assessment of the Incident and its impacts.

Non-Critical Incident



Incident that doesn't cause real impairment or huge damage to the company


Critical Incident


Suspicious activity for which we can identify potential data exfiltration, data impairment or impact on mission-critical company services. This type of incident requires the creation of a virtual Response Team, formed by different professionals, depending on the context identified. Sometimes this type of procedure can involve company departments not strictly tied to the IT world. After the investigation, the analyst or team studies possible remedial actions and, if possible, applies corrective actions.

Critical Incident



Data exfiltration, data impairment or huge impact on company operations.