Detection and Response
Our NDR platform, NovaCommand, gives customers the ability to detect threats, simplify investigations and respond to security threats. Advanced techniques such as artificial intelligence and machine learning algorithms ensure accurate detection of threats and reduce false positives. With Managed NDR we add human expertise to provide clear reporting and instructions when it comes to network threats.
What we do
- Analyze the logs and alerts captured by NovaCommand
- Identify potential threats in the customer’s network detected by NovaCommand
- Provide remediation recommendations and improvement plans to help prevent major security incidents and improve overall security posture
What we deliver
- Periodic (monthly / quarterly) analysis of logs and security alerts captured by NovaCommand
- Transparent listing of identified threats, IoCs and vulnerabilities detected by NovaCommand before they are exploited by attackers
- Constant checks for previously unidentified attack patterns and unexpected behavior of network clients
Managed Network Detection & Response In Action – 3 Simple Steps
Step 1: Analyze
- Analysis of security logs captured on NovaCommand
- Identify threats, vulnerabilities and weaknesses
- Verify and validate discoveries with multiple threat intelligence sources
Step 2: Investigate
- Gather additional information to enhance analysis context
- Validate detected threats and events against customer environment to eliminate false positives
Step 3: Report
- Provide a monthly / quarterly report covering 3 key aspects:
  - Business impact analysis
  - Security gap analysis
  - Long term improvement plans and recommendations
Uncover Network Threats and Vulnerabilities for Our Customers
Our Managed NDR service focuses on looking for threats and vulnerabilities that may exist in your environment but may not have been detected by existing security controls. We rely on NovaCommand’s detection capabilities in combination with the analytical experience of our security consultants to look for not just obvious threats, but also indicators of what may potentially lead to severe security incidents.
- Ransomware, crypto-mining, worms, botnet
- Malicious C&C traffic
- Suspicious files
- In-depth analysis of exploit attacks
- Webshell Upload attempts
- Web application attacks
- Software configuration analysis
- Suspicious and abnormal data exfiltration analysis
- Web plain text transmission (external)
- Weak passwords
- Intranet threat analysis
- Network security abnormalities
- Web plain text transmission (internal)
- Unauthorized scanning behavior
- Password brute force events
- Lateral traffic movement
- Inbound web application attack
- Protocol misconfiguration
- Unencrypted protocol use
- Protocol version analysis
Delivering Value with Managed NDR
While our aim is to help customers benefit from the use of NovaCommand, we ultimately also want to ensure that you gain value from our services, value that enriches and enhances your security posture and gives you the continuous visibility you need.
- Security Visibility – Analyzed and Explained: Leverage our security professionals to help you detect potential security threats and understand your current threat posture.
- Improved Security Posture: Allow our remediation and improvement recommendations to help make your security better and increase your readiness to face security challenges.
- Regular Assessment and Analysis: Continuously understand the changes in your environment and always be aware of potential threats that may arise.
- Informed Planning and Prioritization: Leverage the information provided by this service to effectively utilize your budget and prioritize your security improvements.
Tap into expert insights & best practices
ForeNova’s experts share valuable insights, best practices, customer challenges and industry trends. Learn from security practitioners and thought leaders on how to best protect your business from new and persistent cyber threats.