Advanced Cyber Security Services
ExSo, through our partners, can provide the fundamental services related to cyber security.
Penetration testing
We will focus on the following three attack vectors that provide the highest external risk. Once the current external risk is mitigated, future additional testing can be used to address risk inside the organization.
– Physical Penetration Testing
An important cornerstone of cyber security today is that unauthorized access to physical resources is limited. This includes access control to the business park, company offices, and restricted areas.
– External Penetration Testing
This testing will focus on the resources presented externally to the internet that allow cyber criminals to exploit the client’s system remotely and access business critical information.
– Spear Phishing or Whaling simulations
One of the greatest security risks is the exploitation of vulnerabilities in human nature. For example, email attacks directed at key staff create a false sense of trust and normally end in staff unknowingly transferring funds to the attackers.
Managed detection and response (MDR)
A cloud-based SIEM collects system events and is monitored 24/7/365 by our partnered Security Operation Centre (SOC) based in South Africa, India and the UK. Monitoring extends into Mimecast, Azure, AWS, GCP and other cloud service providers with APIs or custom integrations. Our solution provides cloud-connected endpoint detection and response agents irrespective of the existing endpoint protection that is already in place on the client’s endpoints in the cloud or on premises.
– Log Correlation
Logs from all critical devices, servers and network equipment are sent to a central, tamper-proof system that correlates the log data and provides notifications based on analysis.
– Detection and Response
Once all logs are correlated, indicators of compromise (IOC) and indicators of attack (IOA) can be detected holistically across all devices, and the necessary response can be applied to reduce the exfiltration of data or prevent the attack in future.
– Discovery
As part of the SIEM solution, we will run weekly asset discoveries to ensure the early detection of rogue devices on the internal network, after a baseline is established. This will include all assets.
– Security Operation Centre
ExSo partnered with a local Security Operation Centre based in South Africa to provide a 24/7/365 SIEM and response service based on the security needs in the financial sector.
Dark Web monitoring
Monitoring the Dark Web for credential compromise, thereafter investigating the credentials for validity and reporting these findings to the client to action or approve the recommendations.
Privileged Account Management (PAM)
The solution will also improve the overall security posture and extend the controls that are in place for governing key systems and applications ensuring that only the right people retain the right access to the right systems across the organization.
Identity Access Governance and administration (IGA)
Managing and protecting user credentials and resource access is the cornerstone of cyber security.
Security awareness training
Technology and processes are not always adequate to protect an environment against cyber-attacks; training end users is required. Cyber security awareness training is a necessity in today’s culture. As technology rapidly advances and its use expands, cyber criminals keep ahead of the pace with new and sophisticated methods of attack. Effective cyber security begins with awareness. Recent studies have shown that cyber criminals are increasingly targeting users as a means to gain entry into corporate or personal networks. Our goal is to help people understand not only the risks that come with using the Internet, but also the responsibility.
– Email Security
Email is the primary method that attackers will use in order to target your company. They may do this via targeted phishing emails, malicious URLs or even email attachments containing malware. Learning to recognize these emails and distinguish them from legitimate communication is an essential skill to have. Other email related topics include spear phishing and Business Email Compromise (BEC) attacks. Staff should be able to recognize phishing emails, avoid clicking on malicious URLs and understand the threat posed by malicious attachments.
– Web Security
Cybercrime is rampant on the web today. Some criminal activities include identity theft, organized fraud and malicious hacking. It is now estimated that around 1 in 10 web pages contain some kind of malicious code. The primary motivation for these cyber criminals is financial gain. The majority of the threat landscape consists of financial crime. Staff need to be well versed in the latest web-based attacks and informed about the importance of keeping software up to date. We educate staff on how to recognize malicious web pages and identify websites which are not using HTTPS to process data securely.
– Mobile Security
We are living in the information age of cloud-based platforms, where we require data on demand and increasingly use mobile devices to enable our businesses. Each mobile device represents a potential point of compromise, and educating end users is critical so that we can secure these devices. Our mobile application security training includes information about best application installation practices, the inherent insecurity of public Wi-Fi, the risks of using it, and how to use it securely when connecting with your mobile device.
– Data Protection
Providing adequate training to employees concerning data protection is critical. Employees all have a legal duty to protect and safeguard the information and data that they manage, particularly sensitive PII (Personally Identifiable Information). Employees should be educated on topics such as data protection legislation (POPI and GDPR if required), industry compliance obligations, secure data destruction, data classification and breach notification procedures.
– Environmental Security
Environmental security concerns the systems and controls that we use to restrict access to sensitive information and resources. Environmental security controls include CCTV cameras, ID cards and access control systems. Without physical security controls, our digital defenses could be rendered completely useless. For example, if attackers had physical access to our servers they could install a key-logger to gather password information. Security awareness training is essential in preventing physical security attacks such as tailgating and shoulder surfing. Employees need to be educated about best security practices such as workstation locking, visitor policies and the importance of a clear desk.
– Password Best Practices
Passwords are part of our everyday lives, yet we often overlook the importance of strong passwords. Employees should be educated about why passwords are important, password usage, common password exploitations, two-factor authentication and how to create strong, memorable passwords.
– Malware
Malware is one of the most serious threats to any organization, particularly with the introduction of new ransomware-style attacks and cryptojacking. Malware has gone from being a nuisance to being a legitimate threat to the confidentiality, integrity and availability of your data. Employees should be educated about malware, the risks that it poses and common attack vectors such as ZIP files and macro-enabled Office documents.
– Social Engineering
The single greatest threat to your security today is an attacker that is skilled in manipulating human nature. Scams such as business email compromise rely upon social engineering in order to be successful. As social engineering is the leading method that attackers will use, awareness training will educate employees about the nature of the risk and how it affects them. It is important that employees understand a little bit about the psychology of influence (for example scarcity, reciprocity and urgency) so that they can better combat these attacks.
Organizations need to understand that their employees are the weakest link when it comes to cybersecurity. This is referred to as the “Human Factor” and our aim is to provide staff with the necessary cybersecurity awareness training to assist them in making informed decisions before they potentially expose the company.
One of the best ways to ensure company employees will not make costly errors in regard to cybersecurity is to institute company-wide security awareness training initiatives that include classroom-style training sessions, security awareness website(s), helpful hints via e-mail, or even posters. These methods can assist employees in having a solid understanding of the company security policy, procedure and best practices. Learning is most efficient when small bites of targeted information are given frequently and reinforced over time. Our training is designed in view of how people learn and work.
Training will include:
- Online based training via Portal
- Simulated email phishing campaigns – 12 per user (3 per user per Quarter)
- Monthly email updates on specific topics relating to training provided
- Email exposure checks performed on all users every quarter
– Employee Benefits for Staff taking part in the training program
Our program helps employees understand the importance of security awareness not just in the workplace, but also at home. We teach users about privacy, security, and how the lessons learned at work can apply at home and in their personal lives. This provides an incentive for employees as the training can be applied to their daily lives.
Assessments and Advisory
Infrastructure and policy reviews, business continuity, disaster recovery and strategic planning to prepare for future cyber security challenges. The exploitation of vulnerabilities by unauthorized or malicious individuals (whether internal or external) could have a material impact on your ability to deliver. Our operational security testing provides organizations with a comprehensive assessment of their security posture, both externally and internally.
Cyber threats will continue to multiply. The advent of the digital world, and the inherent interconnectivity of people, devices and organizations, opens a whole new playing field of information and communications technology threats and vulnerabilities. External Threat and Vulnerability assessment is the process of identifying the exposure in the Internet-facing infrastructure which may potentially lead to the exploitation of your systems, data, and information. Internal assessments identify the risk to the organization in relation to internal users or systems and the impact that attacks like ransomware could have on the organization.
- External Assessment: Identifies vulnerabilities from the outside in.
- Internal Assessment: Identifies vulnerabilities on the inside of the network.
Our security testing team will perform a thorough assessment using the top commercial, open-source, and in-house tools. The results are analyzed to ensure only exploitable vulnerabilities are reported, including combinations of low risk or informational vulnerabilities that form an exploit chain and represent a measurable risk.
End Point Protect Solutions
As the traditional enterprise perimeter is fading, implementing XDR, backups, vulnerability management, and patch management on endpoints is critical. Traditionally, antivirus products focused on viruses, grayware and malware. Advanced endpoint security includes additional requirements like endpoint detection and response (EDR), full disk encryption (FDE) and data loss prevention (DLP). These solutions have matured over the last 5 years and are fast becoming the enterprise standard for endpoint protection.
Cyber Security Reviews
Cloud, Physical, Internal and External vulnerability assessment and penetration testing of infrastructure and DAST testing of web services.
Hardware and Software
ExSo has partnered with leading vendors and distributors in order to supply both hardware and software to our client base, including but not limited to HPE, DELL, VMWARE, H3C, FORTIGATE, PALO ALTO. We have a big focus on leading and upcoming brands in the industry such as Cohesity, Opengear, StorVault and Thermal Image Radar, and will keep introducing products and solutions that fit in with our go-to-market strategy.