Datashield Partner Digest for the Week of June 1st, 2020 - Highlights: Protecting customer data with RSA Security, Proofpoint launches industry-first company level attack insight plus Microsoft ATP and Digital Shadows service spolight.
At Datashield, we pride ourselves on partnerships and are always looking for way to highlight what's new in the industry and with our partners. This helps us bring out the latest and greatest trends and key features for the services we use to bring you the best in MDR service.
Partner News and Updates
Find out what's new with Datashield's partners!
Protecting customer data everywhere and anytime.
Now more than ever, as behaviors change and technology adoption increases, cybercriminals and fraudsters benefit from an ideal playground. Not only are criminals guzzling from a cornucopia of personal data resulting from endless data breaches, they now have an opportunity to target businesses scrambling to adapt to a “new normal.”
Organizations must continue to address the challenge of protecting customer data everywhere and anytime. They must apply the very same rigor to their employees and third-party ecosystems, all the while trying to navigate this unprecedented crisis.
Governments are faced with the same challenges. They’re trying to develop regulations to adapt for new technologies and monitoring for new crimes. They do this while dealing with an exceptional and multi-dimensional global disruption.
Read more here.
Proofpoint Launches Industry-First Company-Level Attack Insights for Customers.
Understanding the threat severity, not just volume of attacks, targeting your people and your organization enables better protection from data breaches and financial losses. For some time now, Proofpoint has provided this type of unique insight through the Proofpoint Attack Index. The Proofpoint Attack Index quantifies a security risk based on four factors:
- Attacker sophistication (e.g. nation-state vs. unknown actor)
- Targeting type (e.g. highly targeted vs. broad-based campaigns)
- Attack type (e.g. credential phishing, backdoor malware, etc.)
- Attack volume (e.g. how much is this person being attacked?)
Read more here.
Microsoft Advanced Threat Protection (ATP) Service Highlight
Azure Advanced Threat Protection (ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Azure ATP Features:
- Monitor users, entity behavior, and activities with learning-based analytics
- Identify suspicious user and device activity with both known-technique detection and behavioral analytics
- Analyze threat intelligence from the cloud and on-premises
- Protect user identities and credentials stored in Active Directory
- View clear attack information on a simple timeline for fast triage
- Provide clear incident information on a simple timeline for fast triage
- Monitor multiple entry points through integration with Windows Defender Advanced Threat Protection
Digital Shadows Service Highlight
Digital Shadows is the leader in digital risk protection software designed to protect you from external threats, continually identifying where your assets are exposed, providing sufficient context to understand the risk, and options for remediation.
24x7x 365 alert monitoring by the Datashield SOC using Digital Shadows against the following activities. Analysts will monitor and triage alerts and escalate to the customer as required.
Data Loss Detection
- Exposed Employee Credentials. Exposed employee credentials can enable attackers to perform account takeovers.
- Company Data Loss. Banking Identification Numbers (BIN) or API keys.
- Technical Data Loss. Samples of code or configuration data.
- Exposed Sensitive Documents. Detect confidential, private and sensitive documents that are not meant for distribution, such as exposed contracts, intellectual property, and confidential board minutes.
Online Brand Security
- Domain Impersonation. Uncover web domains similar to your actual domain names. These are often used in phishing, malware or credential harvesting threats.
- Mobile App Risks. Impersonating apps on Google Play and Apple app stores.
- Spoof Social Media Profiles. Unofficial social media accounts using client brand name or a company VIP.
Attack Surface Reduction
- Exploited Vulnerabilities. Major vulnerabilities in your infrastructure that have active exploits being used in the real world and allow for remote code execution.
- Open Ports. Exposed ports that indicate services or assets available online that may offer a route to compromising your network or pose a significant risk in being exposed.
- Certificate Issues. Expiring, revoked, insecure or vulnerable SSL certificates and configurations.
- Misconfigured Devices. web-facing clients with a potential for data exposure
- Monthly status call with Datashield Engagement Manager
- Monthly Executive Summary Report