Cybersecurity Intelligence Center

Specialized teams dedicated to the security of your systems 24X7.

01
Monitoring and Detection

First Response Elements and 24/7 coverage

  • Supervision and action on security events
  • Support in the identification of issued alerts and perceived threats and response procedures according to predefined levels of criticality and risk scoring.
  • Real-time and predefined reporting, focused on simplifying event analysis.
  • Updated control Dashboards.
02
Incident Analysis and Response

Support Elements to First Response team with defensive analysis and offensive actions skills.

  • Analysis of attack events, with consideration of the attack vector, technology used, target sector and other identified patterns that are considered useful for learning and for detecting new patterns.
  • Establish reverse engineering actions to identify code, patterns, motivations, origins, and targets.
  • Ensure the correct reporting of events in real and deferred time.
  • Report data to security advisory team.
  • Collection of evidence and artifacts to allow the continuous increase of your prevention and proactive responsiveness.
03
Security Management and Counseling
  • Management and administration of security solutions and strategic and technological partners.
  • Promotion of a maturity overview and reporting on the state and evolution of the organization's security.
  • Identification of continuous improvement actions through visibility and analysis of incidents.
  • Counseling and direct support to the organization’s cybersecurity maturity journey.

Advantages and Benefits of the Cybersecurity Intelligence Center


Cybercrime does not sleep.

Protect your business reputation and credibility 24x7 and reduce your cyber-risks, without the installation costs usually associated with complex security solutions.

Research to the smallest detail

Our solution enables the quick and detailed investigation of incidents, in real-time and historic modes, as well as of the subsequent actions to perform. The technology adopted by Multicert, aligned with efficient best practices, reduces incident response time, the free/active time of the attacker in the attacked environment and the potential scalability of their actions.

 

Data from external sources

The Multicert solution gives context to, prioritizes and enriches investigations. This capacity guides our analysts as they interact and research, helping them prioritize events and deepen their knowledge of them quickly by providing additional context and data. The use of data from external sources reduces the time and effort of our analysts and improves the speed and accuracy of incident investigation and response.

Prioritized and unified workflow

The workflow is evaluated by a scoring matrix and incident review, guaranteed by a native incident management capacity in the tool adopted. This ensures that incidents representing a greater risk to your organization are handled with the highest priority.

Integration with best practices of Information Security

Our solution, approach and methodology follow the best practices in the market, in order to obtain the maximum results and to follow and improve the implemented processes, instead of only adding costs, resources and technology to the problem.

Risk Management

Our solution improves our customers’ ability to apply tools and practices that reduce risk, ensure compliance of their processes and accelerate business objectives. Our solution includes services from planning to execution and operational effectiveness in risk management, identity security and security operations. We reduce risk in the business and daily operations by identifying, minimizing and eradicating cyber threats, advancing risk management programs and compliance requirements.

Incident Response

Early detection and rapid response are crucial to protecting digital assets. This requires access to the right skills. Our solution allows increased access to competent forensic experts who circumscribe and correct attacks by sophisticated opponents.

Advanced attack protection

Organizations are often the target of specific, targeted attacks. Sophisticated and determined opponents can overcome even the strongest defenses. Our advanced cyber defense team helps organizations identify current and desired maturity states and chart a course of security that evolves according to the threats in the environment and protects the organization's mission. Our services enable organizations to strengthen their preparation, accelerate response and maintain resilience.

Threat Detection and Event Response

Aggregation of log data, terminal protection and network visibility are crucial elements of an effective security program. The threat detection and response team helps organizations apply capabilities and detect advanced threats.

Service Levels Cybersecurity Intelligence Center

  • SILVER - Base Protection

    The basic level of service comprises real-time monitoring of security controls during a period of logical analysis of the organization's infrastructure. This level allows the detection and total visibility of security events with automatic report generation and alerts by event or incident, as well as monthly analysis of the set of events that occurred during that period of time along with suggestions for change and improvements in your security systems and controls.

  • GOLD - Prevention and Counseling

    The second level of service comprises, in addition to what is provided with the Silver package, prevention capacity through the execution of additional sets of controls, continuous execution of vulnerability analysis, the possibility of feeding raw logs for forensic analysis, and security status reporting, as well as ongoing support and advice from our experts on improvements to your security controls.

  • PLATINUM - Continuous improvement

    The Platinum level includes all the services included in the Gold package, plus customer incident response, security advice and ongoing support. In addition, our control tools with predictive capacities are added along with event history analysis, providing greater control over behaviors and patterns of use.

Cybersecurity Intelligence Center Additional Services

  • Application Security
  • Intrusion protection
  • Intrusion tests
  • Vulnerability analysis
  • Centralized log management system
  • Version and update management
  • CyberWatching
  • Training and CyberAwareness
  • Security consulting and advice

Learn more about each service in the descriptions that follow.

  • Application Security

    A Multicert partnership with a world-renowned manufacturer enables the implementation of an additional application-level security service. This solution acts automatically and in real time when access by unregistered users or abnormal access or behavior is detected, such as the unauthorized extraction of data, and can even immediately mask the most sensitive or critical data for your organization. The functionality of the solution runs on behavior analysis and dynamic risk analysis.

  • Intrusion protection

    Through the implementation of additional services in the client’s infrastructure, the Multicert solution applies automatic blocking controls to IPs or addresses recognized as malicious, based on additional manual or automatic rules from the cyber intelligence service.

  • Intrusion tests

    After an initial breakdown where possible key points of intrusion are identified, our experts follow a set of offensive practices to verify and exploit the detected vulnerabilities. Experience gained throughout multiple projects gives our experts better tools and greater knowledge. Along with the continuous updating of security tests and database techniques and the addition of code capable of exploiting vulnerabilities, this allows us to develop and evolve controls that are then executed automatically. This goal frees up effort for more extensive analyses and lets us offer our clients a more personalized service.

  • Vulnerability analysis

    The Multicert solution is not limited to running a series of tools against predefined controls and known vulnerability databases. Our experts also add manual controls and correlate the results in the cyber-intelligence service. In addition to evolving the service, this allows us to offer our customers more effective results and a more personalized security maturity map. This service can primarily help reduce the attack surface and touch points, meet regulatory standards, stay up to date with new vulnerabilities and reduce false positives.

  • Centralized log management system

    Our solution allows you to add a support component for the collection, archiving and compression of raw logs, which, in addition to the centralized and data backup component, enables the reconstruction of events if a forensic analysis is performed.

    The solution allows the collection of logs in numerous formats and from multi-platform sources, remotely or through a secure TLS / SSL protocol.

    It supports specific platforms such as Windows logs, Linux kernel, Android, iOS and databases, among others. Logs can be stored in a file system or in a database and can also be sent remotely to complementary analysis services using secure TLS / SSL communications with digital certificate authentication. Additionally, a web-based application can be accessed and used to manage and monitor a large quantity of logs without any additional effort.

  • Version and update management

    The version control solution allows you to automatically discover and reference available security updates for your organization's entire software estate.

  • CyberWatching

    A specialized threat analysis service will search for the brand or company name in the deep and dark web, as well as in social networks, allowing us to anticipate potential attacks that are being prepared and to detect whether the company has been attacked or whether any company data is available on the black market. This service also makes it possible to establish and identify changes in the cybersecurity maturity level of the organization.

  • Training and CyberAwareness

    Multicert has a set of learning contents available to supply your employees with a set of skills aimed at continuously improving the cybersecurity maturity level of your organization.

    The contents are divided between e-learning and face-to-face sessions and cover basic to advanced technical needs, for both IT collaborators and non-IT departments.

  • Security consulting and advice

    Our experts and security managers have a set of skills that allows us to offer our clients a set of tools, actions and advice that covers the full IT Security Lifecycle - from the provisioning, design and infrastructure architecture, to the best practices of installation and configuration of services, as well as good practices of IT Support, maintenance and monitoring. In addition, we provide services to monitor and implement certification and/or regulatory controls, perform system audits and accompany you through your journey and follow-up towards a more secure and mature digital organization.

Security. Your concern is our know-how.

Know the values of our service levels or ask for more information by email: security@multicert.com