Vulnerability Assessment

Vulnerability Assessment is a process of identifying weaknesses in a network and its systems. The Operating System, applications and configurations are all examined. Vulnerability Assessment gives a clear picture of the organization’s network security status which helps us enhance the security for your network resources.

Vulnerability Assessment can be performed in two different ways:

  • Internal Vulnerability Assessment
  • External Vulnerability Assessment

Internal Vulnerability Assessment

This will audit the security of an organization’s network resources as per the compliance standards. This audit checks for security aspects with regard to Windows, Linux, Unix hosts as well as network devices like firewalls, routers, switches. Their configurations are also verified to make sure there are no errors.

External Vulnerability Assessment

This will audit the security of an organization’s network resources when accessed from the internet. This audit checks for access control, user verification and attack detection when different services are accessed from the Internet.

Wireless Network Audit

Today wireless networks are used very widely in corporate networks as well as home networks. As the number of wireless networks increases every day, the number of attacks on these networks is also increasing.

In a wireless network audit, we enumerate the kind of encryption used (WEP, WPA, WPA2), then try to crack the network passwords and gain access to the network.

Application Security Audit

Every organization today uses various applications on their server and client systems to perform various tasks, be it organizing data, data communication, development etc.

Any application that is not properly designed in how it handles data validation, authentication or data transmission might pose a serious risk to the organization’s data.

In Application Security Audit we inspect various aspects of these proprietary applications like:

  • User data validation
  • Data transmission over network
  • Data storage on server
  • Frontend webpage
  • User authentication and authorization
  • Logging & event reporting

SIEM Services

Edify Labs offers managed SIEM services as well as standalone SIEM solutions. We have decades of technical expertise in cybersecurity and we bring that experience to our SIEM offerings. Our know-how of the latest cybersecurity risks and threats gives us the ability to fine-tune the SIEM to respond to breaches and incidents very quickly. We offer a customised SIEM portfolio to our clients. We can install and manage the SIEM on the customer premises, or provide the SIEM as a cloud-based service. For those customers who have the relevant expertise, we can install and configure the SIEM tool and then train their personnel to manage it effectively. Get in touch with us today to find out which solution suits you best!

Why is SIEM important?

The SIEM system collates security logs from various resources, including endpoints, routers, servers, firewalls and intrusion prevention systems.

It gives a bird’s eye view of the security status in the organization and can quickly step in to mitigate attacks.

In case of a cybersecurity incident, advanced SIEM solutions can quickly enable new policies on firewalls / gateways to stop the attack and even capture “packets of interest” to assist in forensics.

Different SIEM solutions for different businesses

Depending on the customer’s requirements, we offer different types of SIEM solutions:

Lightweight SIEM – central repository of security logs with basic analysis and reporting ability.

Advanced SIEM – has machine learning with AI and the ability to instruct security firewalls and peripheral gateways to deploy new policies to mitigate attacks. This also has forensic capabilities.

Our SIEM offerings

In house SIEM solution – for organizations who have the expertise to manage the SIEM themselves.

In house Managed SIEM solution – installed on customer premises but managed entirely by the Edify Labs team.

SIEM as a service – A cloud-based service offered from our 24X7 Security Operations Center (SOC), which continuously monitors the traffic, detects security events and activates measures to stop the cyberattack. This service also takes into consideration threat intelligence feeds from various industry sources in order to stop zero-day attacks. Suitable for large enterprises and critical networks.

EndPoint Security

Edifylabs provides endpoint security in partnership with leading cybersecurity vendors. Our solution focuses on these key areas:

  • Audit
  • Analysis
  • Encryption
  • Management
  • Filtering

Audit

Audit makes the data flow visible in detail, showing potential weaknesses in the security settings. It therefore allows the determination of forensic information. The ability to generate this information is an important contribution to IT compliance and matches with laws and industry regulations.

Analysis

To make sure that protective measures are implemented optimally, the endpoint protection module first determines the user’s overall safety situation in the corporate network. The results of this analysis are then processed according to management needs and shown in graphs and tables. This shows an overall picture of the data security for every business and organization. The display is cumulative, so that conclusions about the activities of individual users are not possible. The data shown this way are optimal to specifically establish the protective measures that are really needed.

Encryption

To prevent unauthorized sharing or loss of data, there are different types of encryption provided in the suite:

  • Removable Device Encryption
  • Full Disk Encryption
  • Pre-Boot Authentication
  • Folder Encryption
  • Cloud / Network Encryption
  • Android / iOS Encryption
  • Mail Encryption

Management

Our solution provides a central management console to manage and control all endpoints:

  • Mobile Device Management
  • Inventory Management
  • Password Management
  • Device Management
  • Cloud Access Control
  • Connection Access Control

Filtering

Our solution provides various filtering capabilities to protect endpoint resources and make them comply with the company’s policies and regulations including:

  • Content Analysis & Filter
  • Antivirus
  • Application Control
  • Data Loss Prevention

Next-Gen Antivirus Software

According to a survey, there were nearly 4500 ransomware attacks per day in 2017, and they are expected to rise this year. The biggest cause of ransomware attacks is unknown executables, zero-day threats that were born literally in the last few seconds.

Malware is getting so sneaky that traditional AntiVirus software is struggling to keep up. So we have partnered with CrowdStrike to keep your business safe.

PROTECT

“Block unauthorized access”

Comprehensive protection model to block attempts to execute fraudulent software (Application Whitelisting), replace legitimate files (File Integrity Protection), connect untrusted hardware (Hardware Protection) or manipulate hard disk data (Full Disk Encryption).

MONITOR

“Know what is happening”

Obtain information about the Hardware and Software installed on your ATMs and monitor for patterns or evidence that might be indicative of security problems or fraudulent activities: user, files and directory changes, URL navigation and malware detection.

CONTROL

“Execute remote actions”

Remotely execute customized actions and retrieve files or directories from your ATMs, thus facilitating forensics investigations and operational actions to anticipate or react to potential incidents.

Our ATM solution provides a comprehensive set of functionalities to protect your ATM machines and monitor relevant security events. It also adds an extra control layer allowing you to run custom remote actions to investigate or react to potential incidents, all with minimal consumption of resources, thus limiting the impact on the performance of the ATM.

Get in touch with us to find out more!

App Security

We will run your mobile app through our app security platform and identify vulnerabilities that can then be fixed.

We specialize in providing comprehensive mobile application security assessments of iOS and Android based mobile applications. These operating systems on tablets and smartphones cover the vast majority of the mobile market share – giving peace of mind to you and your customers by ensuring that your applications are secure.

Our mobile app security assessment covers all vulnerabilities identified by OWASP:

  • Injection
  • Broken authentication and session management
  • Cross-site scripting
  • Insecure direct object references
  • Security misconfiguration
  • Sensitive data exposure
  • Missing function level access control
  • Cross-site request forgery
  • Using components with known vulnerabilities
  • Unvalidated redirects and forwards

Proactive Defense

This solution provides monitoring of threats on a global scale and a comprehensive system of coordinated protection. Using threat intelligence feeds from international organizations like CERT and SOCs, the security platform is automatically updated to protect against these kinds of attacks using these approaches:

  • Signature definition offers the capability to respond to an attack that has been discovered. In general, the signature can identify the viral load that was exploited.
  • The behavioral response provides protection based on the legitimate use of a resource (network, memory or data registry). It anticipates the exploitation of a zero-day vulnerability.
  • The context-based response takes into account all protection modules. It monitors all the security modules and responds according to data that has been collected recently.

The built-in vulnerability assessment module and the always-on IPS play a crucial role in preventing zero-day attacks.

By collating the data from all modules, including deep inspection, IPS, anti-spam, content analyser, threat intelligence feeds and vulnerability assessment, as well as integration with SIEM, our solution provides rock-solid security to your network. Get in touch with us today for a proactive defense evaluation.

Penetration Test

Penetration testing will examine the prevention, detection and defensive mechanisms of a network by uncovering its vulnerabilities and attempting to exploit them.

The first part of penetration testing resembles a vulnerability audit. However, once the vulnerabilities are detected, the pen-tester will attempt to exploit every vulnerability to identify those which can compromise a network, its systems, data and services. If the pen tester is able to breach the network’s defenses without raising an alarm, then it’s an indication that the security controls need to be strengthened. The penetration test can be done in a variety of ways.

  • Whitebox test
  • Blackbox test
  • Graybox test
  • Red / Blue team assessment

Edifylabs Next Generation Penetration Testing combines and enhances all the positives of Manual Penetration Testing and Automated Vulnerability Scanning, eliminates the negatives of both, and then layers effective remediation management (facilitated by the Edifylabs Risk Profiling Algorithm) over the top.

Security Awareness Training

More than ever, employees are the weakest link in an organization’s network security. As Malcolm Norman, CISO of Wood Group Plc, said, there is a heartbeat behind every cyber attack. In this case it’s internal. More than 95% of cyber attacks happen due to human error. Employees are exposed to ever more sophisticated phishing and ransomware attacks. Education around cyber security continues to be one of the most under-invested parts of our industry and yet has the ability to have the greatest impact.

Managed Security Services

Our managed security services protect your corporate assets wherever they are vulnerable or exposed to the threat of attack.

With an ever-evolving cyber landscape, businesses are facing increased and more complex threats to their environments. Attacks are happening at a far greater rate and the damage they pose is immeasurable. From data breaches, to insider threats, to ransomware attacks, the list is endless. As a result, many companies find themselves navigating through little understood waters without the right equipment, or knowledge at their disposal. The fall out is that these organisations become victims to truly damaging attacks, costing them both in revenue and reputation.

Edifylabs helps UK organisations of all sizes build cyber-security capabilities and maintain compliance through practical consulting and managed services. Our unique security standing means we monitor highly regulated government networks. We take this capability and apply the same level of service to all our clients across the board, giving them the highest level of protection and ultimate peace of mind.

Our managed cyber security services encompass prevention, detection and remediation. This robust multi-pronged approach means that we cover all areas, warding off the danger posed by Advanced Persistent Threats (APTs) and other players.

  • Threat Management
  • Vulnerability Management
  • Incident Response
  • Protective Monitoring

All Edifylabs CSOC employs a leading array of cyber engineers and analysts from varying backgrounds, meaning we are always on the cutting edge when it comes to understanding and operating within the ever-changing threat landscape.