
Managed Cybersecurity Services


MANAGED SERVICES

DEVICE MONITORING AND MANAGEMENT SERVICE


Security Monitoring: Delivered through an event correlator (SIEM) sized to centralize and correlate all traffic from sources in the client's infrastructure and security components. Device management services are also included: the CYBERPEACE SOC takes custody and administration of the security devices deployed at the client, with the objective of maintaining correct operation and containing any threat observed during delivery of the client's technological infrastructure monitoring services.

The following activities are included in the delivery of this service:

  • Suspicious activity monitoring

  • Suspicious activity alert

  • Monitoring of anomalous behavior on the network (UBA)

  • Monitoring of anomalous entities and users on the network (UEBA)

  • Additions, Deletions, Changes (ABC) of configurations, rules and policies on devices within the scope of the service.

  • Maintenance, support, incident management, escalation of cases to 2nd, 3rd level and to the solution manufacturer.

  • Updates, backups, and continuous improvement of the configurations of the devices managed by the SOC.

  • Monitoring the availability and performance of devices managed by the SOC.

MANAGED DETECTION & RESPONSE

Managed Detection and Response (MDR) services are a range of next-generation specialized services that use Machine Learning (ML) and the execution of Playbooks (PB), delivered in 24x7x365 schemes with high availability and scalability from the CYBERPEACE Security Operations Center (SOC).

We provide organizations with threat detection and response services before, during and after threats are identified, as well as access to an elite multidisciplinary team of hunters, investigators, forensic specialists and cybersecurity analysts, who are responsible for monitoring and supervising all events generated in the network infrastructure.

CYBERPEACE presents the advanced cybersecurity services most required by our clients. These services are easily implemented from the point of view of the Detection and Response framework aligned to NIST and MITRE ATT&CK.

 

INTRODUCTION

 

Using new-generation platforms built on machine learning and artificial intelligence, CyberSOC services offer a range of scopes based on customer requirements. Whether your infrastructure is on-premises or in the cloud, CYBERPEACE has the knowledge, experience and appropriate offer to guarantee a correct security operation aligned with best practices and international standards. Our MDR SOC is certified in ISO 27001:2013 in the core process of response and management of cybersecurity incidents, and we have aligned our managed detection and response services with the times and phases in which an attacker or threat attempts to gain unauthorized access to customer infrastructures.

[Figure: MDR service phases around a security incident. Detection: Early, Late. Response: Coordinated, Immediate.]

  • Avoid the impact of known threats by anticipating them.

  • Find under-the-radar APTs and expose them.

  • Centralized real-time monitoring of all your devices.

  • Incident response and management.

  • Recovery, vulnerability mitigation and hardening.

  • Support strategies in incident management.

SCOPE OF SERVICE

 

Event Correlation Service

Event correlation includes the monitoring, consolidation and analysis, through machine learning models, of logs and system audit records generated by multiple data sources, with the specific purpose of providing Managed Detection and Response (MDR) services for cybersecurity incidents.

 

The following activities are included in the delivery of this service:

 

  • Data source onboarding

  • Data source analysis

  • Generation of Use Cases

  • Connector Maintenance and Support

  • Creation of Dashboards

 

Threat Anticipation Service

Our Threat Intelligence services are based on the collection of information, in particular the exchange of indicators of compromise (IoC), using both open and closed feeds and information sources. These give the MDR SOC services the intelligence necessary to anticipate known threats, all centralized in one platform that provides the ability to record and save all evidence.

The following activities are included in the delivery of this service:

  • Data source onboarding

  • Onboarding of digital identities

  • Platform tuning

  • IoC monitoring

  • Clear, Dark and Deep Web Monitoring

 

Threat Hunting Service

Also known as active cyber defense services, threat hunting is the process of proactively and iteratively searching across networks to detect and isolate advanced threats that evade existing security solutions. This is in contrast to traditional threat protection measures, such as firewalls, intrusion detection and prevention systems (IDS/IPS), malware analysis, and SIEM systems, which typically involve evidence-based investigation after there has been an alert of a potential threat or suspicious activity.

 

The following activities are included in the delivery of this service:

 

  • Defining data sources

  • Platform and agent activation

  • Contact and alert matrix

  • Threat hunting operational process

MICROSOFT CYBERSECURITY SERVICES


These services are based on the new generation of Zero Trust strategies, which assume that everything is on an open and untrusted network, even the resources that are behind the corporate network firewalls. The Zero Trust model operates on the principle of “trust no one, verify everything.” The ability of attackers to bypass conventional access controls is shattering any illusion that traditional security strategies are sufficient. By no longer trusting the integrity of the corporate network, security is strengthened.

 

In practice, this means that we no longer assume that a password is sufficient to validate a user, but instead add multi-factor authentication to provide additional checks. Instead of being granted access to all devices on the corporate network, users can access only the specific applications or data they need.

SCOPE OF SERVICE

In the Zero Trust model, all elements work together to provide end-to-end security. These six elements are the fundamental pillars of the Zero Trust model. Based on these pillars, we provide a range of consulting, implementation, tuning, management and monitoring services for Microsoft Cybersecurity platforms and tools:

  • Microsoft Defender for Identity.

  • Microsoft Defender for Endpoint & Server.

  • Microsoft Cloud App Security.

  • Microsoft Information Protection & Defender for Office 365.

  • Microsoft Azure Defender.

  • Microsoft Azure Sentinel.

CYBER INTELLIGENCE

Our Threat Intelligence services are based on the collection of information, in particular the exchange of indicators of compromise (IoC), using both open and closed feeds and information sources. These give the MDR SOC services the intelligence necessary to anticipate known threats, all centralized in one platform that provides the ability to record and save all evidence.

The following activities are included in the delivery of this service:

 

  • Data source onboarding

  • Onboarding of digital identities

  • Platform tuning

  • IoC monitoring

  • Clear, Dark and Deep Web Monitoring


SECURE YOUR NETWORK WITH CYBEREYE OF INGRAM
