CSC Advanced Endpoint Threat Detection Service
Protect a wide range of endpoints from known and unknown malware and other attacks across traditional and cloud-based environments.
The cloud, social media, mobile devices and other digital technologies provide new opportunities for enterprises to promote collaboration, expand into new markets and reduce costs. But they also give determined adversaries new ways to steal data and wreak havoc on enterprise IT systems.
One-size-fits-all, signature-based malware and intrusion detection systems are no match for today’s sophisticated advanced persistent threats (APTs). And few in-house IT departments have the resources to truly understand and defeat these potent new enemies.
CSC’s Advanced Endpoint Threat Detection service fills that gap. Our service delivers real-time detection and expert insight to anticipate, locate and disrupt APTs at a global scale in both traditional enterprise and cloud-based environments, including servers, desktops, tablets and smartphones. We deploy, configure, manage and monitor all aspects of a client’s APT platform, from policy creation to system updates and upgrades.
Even better, our next-gen solution is continually evolving, integrating threat intelligence — from both machines and humans — to track threat actors anddetermine their tactics, techniques and procedures (TTPs). With our Advanced Endpoint Threat Detection service, you can confidently secure your organization’s infrastructure and sensitive data, while shifting internal resources to more strategic work.
CSC’s Advanced Endpoint Threat Detection service is based on a seasoned, multidisciplinary approach that considers both business and technical vulnerabilities. To counter APTs, we combine three important features:
- Actionable intelligence and countermeasures generated by monitoring and analysis tools proven to detect unknown threats
- Rapid incident-response capabilities to isolate and shut down APTs before they can damage your business
- Proactive, ongoing defense techniques to anticipate and guard against rapidly evolving APT tools, tactics and procedures
Beyond Detection and Assessment
Our clients receive: APT detection; APT prevention; threat analytics and analysis; targeted threat breach assessments; incident response and remediation; threat intelligence protection/attribution; and integration into our Global Risk Management Centers, which provide 24x7 APT monitoring. Benefits include:
By capturing all endpoint activity and sending it to a centralized repository, our service provides unparalleled visibility into threat activity. You can immediately detect attacks and protect data without having to rely on periodic sweeps and scans. Skilled analysts will help you develop a comprehensive Detect-Analyze-Adapt- Respond life cycle based on your unique risk profile. And our robust monitoring and analysis platform uses heuristic and behavior techniques — rather than just signatures — to detect, shut down and block APTs before they do harm.
Using machine learning, Indicator of Attack behavioral blocking and exploit blocking, the service allows users to block known malware attacks and also prevent intrusions from unknown malware and non-malware attacks. Our skilled analysts will help deploy, manage and customize these prevention policies to fit your risk profile.
Threat Analytics and Analysis
CSC’s expert APT hunters proactively examine host sensor data for suspicious processes and anomalous activities, behaviors and network connections that may indicate an emerging threat or new attack technique. This human-led intelligence augments the automated APT detection and prevention.
Threat Intelligence Protection/Attribution
The service combines advanced machine learning and graph data modeling to analyze billions of endpoint events, correlate anomalies and alert clients when an attack is underway. Detailed analysis helps you understand adversaries’ motives, anticipate their actions and prevent them from causing damage. It also keeps you up to date on breaking events that matter to your industry, brand, infrastructure, users and customers.
Integration into Our Global Risk Management Centers
CSC’s Security Information and Event Management (SIEM) platform integrates Advanced Endpoint Protection to give clients centralized, 24x7 alert monitoring and investigation through our Global Risk Management Centers. CSC will help you manage risk, overcome the most extreme threats and gain end-to-end visibility of governance and compliance.
Targeted Threat Breach Assessments
The service ensures rapid assessment and analysis of APTs on an ad hoc, quarterly and yearly basis. CSC isolates adversaries that are still present, determines the avenues used by attackers and discovery methods to mitigate those risks.
Incident Response and Remediation
As APTs become more sophisticated, your organization will need to respond rapidly to suspected or known security incidents. To help you prepare, CSC designs, implements and tests Incident Response and Remediation Plans. In case of an incident, our well-trained cybersecurity specialists, investigators and forensicdata collectors will take action and deny APTs further access to your environment.
CSC Risk Management Consulting
Our risk management consultants deploy proven tools and methodologies to perform internal and external vulnerability assessments. These services cover everything from single systems to the entire enterprise, and range from nonintrusive compliance scans to full-scale penetration tests. We provide you with a clear understanding of your vulnerabilities, as well as global trends and root causes, to help your organization meet compliance and security goals.
CSC’s Advanced Endpoint Threat Detection service will seamlessly integrate these vast benefits into your current security environment and transform your security infrastructure. Our service will give you confidence to shift limited internal resources away from complex APT detection to projects that better advance your strategic business goals.
Security Experts Who Understand Your Business
CSC combines more than 40 years of experience in information security with leading tools and methods to support your security program and protect your operations.
With our deep industry knowledge, our pool of more than 1,800 security specialists and our end-to-end solutions for traditional and next-gen technologies, we enable our clients to successfully and securely transform in the higher-risk digital age.
Contact us to learn more about protecting your organization against advanced persistent threats.