The number of threats and the level of sophistication of bad actors are on the rise. IT budgets are tight and cybersecurity skills are at a premium. Mobility, bring your own device, virtualization, the cloud, big data and social media can pose risks as well as inefficiencies if they’re not properly managed. We provide you with the cybersecurity expertise and experience that you need to secure your organization. Whether it is managing the technologies you already have deployed or providing you with a “solution-as-a-service” where there is no need to purchase any hardware and software, our experts are here to help.
You may be interested in Rocus CyberFusion®, our end-to-end, security-as-a-service platform.
Managed Firewall Service
Specialized management for Legacy and Next Generation Firewalls
Changing business and security demands make firewall management and monitoring an expensive challenge for organisations. Firewall management is time-consuming and, unless it is performed by dedicated security professionals, mistakes can happen and threats may filter into your organization.
Rocus’ Managed Security Operations can manage Legacy and Next Generation Firewall solutions from leading vendors at a predictable monthly cost and is capable of generating meaningful insights about data moving in and out of the organization.
What We Offer
- Provisioning, deployment, configuration, management and upgrade support.
- Verification and validation of new installations prior to going live
- Login verification, control over privileged users, and review approval of firewall rule requests.
- Proactive management, health monitoring and alerts
- Incident and event response
- Firewall log management and user correlation
- Comprehensive support up to and including level 3
- Ensuring compliance with security standards
- Policy development, reviews, and updates
- Clear communications paths and a defined single point of contact
Identify and patch your vulnerabilities
Remove the ongoing burden that Vulnerability Management places on your team. Rocus’ Vulnerability Management as a service gives you back control and peace of mind through:
- Complete visibility of vulnerabilities in your applications and network
- Reporting optimised for your environment, threat landscape and compliance
- Prioritised to-do lists that you can put to action straight away
- Scalable service structure that adapts to changes in your environment
Rocus’ Vulnerability Management Lifecycle
- Discover – We will scan your environment to discover security vulnerabilities across your network devices, servers, web applications, and databases.
- Analyze – Here we review scan results, identify and manage false positives, and prioritize remediation activities based on your IT assets and your business environment.
- Report – Our security experts will produce an actionable report with prioritized, structured, and manageable remediation advice
- Manage – We will constantly monitor the health of the service to ensure continuous coverage. We also provide you with metrics to report on your organization’s security posture.
Get the most out of your firewall
Our Next-generation Firewall-as-a-Service provides you with the management, support, and infrastructure you need to deliver advanced security controls on a consumption basis. While enabling rapid implementation, our Next-generation Firewall-as-a-Service eliminates the cost of finding and retaining experienced security personnel as well as the cost of ongoing management and support. An integrated hybrid solution allows you to simplify governance by centralizing management of on-premise and cloud infrastructure, and enabling the consistency of protection across your environment.
Secure sensitive data with our Email-as-a-Service
Email Security-as-a-Service includes:
- Spam detection: advanced spam, graymail, and fraud protection, supported by an advanced and continuous machine learning technique (MLX).
- Antivirus and antispyware: layered virus and worm scanning to block known viruses
- Data loss prevention: scanning of all data in outbound emails, including body copy and attachments
- URL defence: blocking of URL-based threats using a multi-layered approach that identifies malicious URLs in the spam filtering stage and re-writes to prevent direct access to potentially malicious sites
- Attachment defence: analysis, detection, and blocking of malicious attachments in inbound and outbound messages
- E-mail encryption: enforcement of email delivery over an encrypted channel
- Social media account protection across all major social networks, including Facebook, Twitter, LinkedIn, Google+, and YouTube
- E-mail archiving (optional): provision of a safe, simple, and cost-effective service for email retention
- E-mail protection and continuity: keeping employees, customers, partners, and suppliers connected 24/7 when email networks experience either routine or unexpected outages
- Unified policy administration: secure, easy-to-use web interface allowing end users to continue to send and receive messages with protection, search for and retrieve stored messages, and manage quarantines and message stores
Advanced Endpoint Security-as-a-Service
Secure your computers and servers
Anti-virus is no longer effective at preventing attacks on your computers and servers. We provide our Advanced Endpoint Security-as-a-Service utilizing an artificial intelligence agent which inspects every file and bit of code to determine whether it is ‘safe’ or a ‘threat’ before it can cause harm. Essentially it examines the ‘DNA’ of code and highly accurately identifies the indicators that will be malicious in nature. It is designed to be simple, highly effective and ‘silent’ so that you are protected whether online or offline without having to constantly download protection files or scan the computer.
For individual users, this gives you confidence your files and sensitive data are not being stolen or damaged.
For IT administrators, this ensures confidence that your users are protected and productive, regardless of device, location or computer competency while giving you back your nights and weekends.
Technically, our Advanced Endpoint-as-a-Service solution provides significant advantages over traditional anti-virus solutions:
• Small footprint – it does not spider throughout the machine and attempt to hook the various applications like traditional AV. So its impact on the OS and its various applications is transparent to both the user and machine. Performance-wise it uses between ~20 MB and ~60 MB of RAM (depending on policy) and operates at <1% CPU.
• Signatureless – it does not rely on pre-defined signatures at all. Instead all files are calculated and compared against a series of probability models to determine whether they are good or bad. This also means there are no regular DAT file downloads and system rescans to compare the system files against newly added signatures. Instead we update our models quarterly, which drastically lowers the operational maintenance costs and likelihood of error. The models also future-proof the system against attacks that have yet to be seen.
• Memory Defense – We use memory defense to protect the system against commonly used memory-only exploits that allow attackers to escalate privilege or establish a greater foothold into the operating system often attacked through compromised web sites.
• Flexible – it can coexist with other solutions already present on the machine, including: AV, EMET, ASLR, HIPS, FW, Whitelist apps, etc. Management happens in the cloud, which allows endpoints to report in (to receive policy, upload new samples and report back findings) whenever they are online
• Easy to Use – The product deploys easily via simple download or MSI but is maintained via the cloud (for upgrades). Optionally, it can be deployed in a hidden mode, which does not allow the user to see any signs of it on their machine or receive prompts if unsafe files are detected.
Employee Awareness Training-as-a-Service
Secure your people
Old school Security Awareness Training doesn’t hack it anymore. Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks. Our service provides the following high level features and is managed by our expert security staff.
- Baseline Testing – We provide baseline testing to assess the Phish-prone percentage of your users through simulated phishing attacks.
- Train Your Users – The world’s largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.
- Phish Your Users – Best-in-class, fully automated simulated phishing attacks, hundreds of templates with unlimited usage, and community phishing templates.
- See The Results – Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI!
Insights to your data
Our Security Information and Event Management (SIEM) service is a flexible, 24/7 monitoring and response managed service that can either be built within your environment and managed by our trained professionals or offered to you as a cloud service.
- SIEM solution management, monitoring, and maintenance by experienced security analysts in our Security Operations Center
- 24/7 performance and availability event monitoring, providing constant vigilance for your perimeter security
- Effective implementation of software updates, patches, and systems configuration
- Rapid intrusion detection, escalation, and response
- Industry best practices to ensure a high level of network access and information availability, integrity, and privacy
- A security portal that provides full visibility of your security and compliance posture, giving you the intelligence and analytics you need to easily understand your risks, demonstrate compliance, and make better security decisions
- Flexible threat analysis options, including scheduled analysis or the option to right size the solution by including all or a subset of the logs forwarded to the Security Operations Center for 24/7 real-time threat management
- Access to highly trained security experts who act as an extension of your in-house IT team, providing analysis, configuration, content development and maintenance, and use case development
Risk less and achieve more with our Managed SIEM service:
- Reduce the cost of hiring, training, managing, and retaining high-quality security engineering personnel.
- Respond effectively to availability events or issues with system performance.
- Gain meaningful insights and new perspectives to make better security decisions.
- Demonstrate adherence to regulatory requirements.
- Gain enterprise-wide visibility into the performance of security controls.
Secure your data in the cloud
The use of software-as-a-service applications is creating new risks and gaps in security visibility for malware propagation, data leakage and regulatory non-compliance. Our Cloud Security-as-a-Service delivers complete visibility and granular enforcement across all user, folder and file activity within sanctioned SaaS applications, providing detailed analysis and analytics on usage without requiring any additional hardware, software or network changes.
• Complete visibility across all user, folder and file activity, providing detailed analysis that helps you transition from a position of speculation to one of knowing exactly what’s happening at any given point in time
• Retroactive analysis of data exposure that doesn’t just look at data in-line but also from the creation of the SaaS account itself, no matter how long ago that was
• Deep analytics into day-to-day usage that allow you to quickly determine if there are any data risks or compliance-related policy violations
• Granular, context-aware policy control that provides you with the ability to drive enforcement and quarantine users and data as soon as a violation occurs
• Advanced threat protection to block known malware and identify and block unknown malware
Better threat protection
Threat Management-as-a-Service, an offering within our managed security service portfolio, includes:
- Real-time security event management: security device monitoring for security events 24/7/365
- Powerful correlation: global and predictive intelligence, content- and context-aware monitoring
- Threat analysis and incident response: support during the process of incident identification, investigation, response and containment, rectification, restart and monitoring
- Risk and threat assessment: proactive risk assessment to understand the overall vulnerability of any particular asset within the organisation
- Visibility and reporting: detailed security dashboards including powerful search and reporting tools available 24/7 via a client security portal