智慧型網路惡意攻擊偵測服務 CyberSecurity (ISO/IEC 27032) and Malicious Threat Detection Services
協助企業在即時偵測惡意攻擊與可疑的內部資料外洩偵測行為,防止惡意軟體蒐集將資料外送。
許多安全專家表示,部署防火牆(Firewall)、入侵偵測系統 (IPX)、防毒 (Anti-Virus)、加密 (Encrypt)、身份認證 (Authentication) 與服務代理 (Proxy) 這類 "預防性 (Preventive)" 的網路機制,仍然不足以避免企業敏感資料遭到進階持續性滲透攻擊,以及如何達到在 "第一時間 (Time-zero)" 就立即發現異常。
要將惡意軟體 (Malware) 植入到企業中,比想像中的還容易,途徑無所不在
- 釣魚網站、USB、檔案下載... 等行為都有可能
- 郵件、系統或手機應用程式、社群軟體、通訊軟體等工具都有可能被利用
- ...
RedSocks 惡意攻擊偵測方案
- 蒐集、分析全球超過 39 個惡意攻擊研究來源 (持續增加中)
- 7 x 24 ,每小時更新 1,000,000 筆惡意攻擊行為研究資料,協助您隨時掌握各種網路攻擊行為
- 攻擊行為分析單向更新,不會回傳任何資料,確保企業隱私
RedSocks Alert Analysis 疑似攻擊行為分析
SIEM (Security Information and Event Management) 整合協同運作範例 - Splunk
Related items
Understand how to apply and integrate the information security risk management process (ISRM, ISO/IEC 27005) as part of the organization's business risk management (ISO 31000).
Understand how to apply business continuity risk management principles (ISO 22301) on the organization's ICT business continuity and disaster recovery management.
Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipment, people, communication, networking, system, and application.
Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipments, people, communication, networking, system and application
- Effective immediately - spot malicious threat immediately
- Maximum 2 weeks
- 500,000,000 Personal Data Stolen or Lost in 2015
- Crypto-ransomware Attacks Grew by 35%
To compliance with ISO/IEC 27001, the organisation shall demonstrate its capability on conducting an effective Internal Audit, to ensure the management system fulfills legal (i.e. EU GDPR, DPA, IPRs), legislation, standards (i.e. ISO, IEC, IEEE), contractual obligation (i.e. Trade Secret, IP), policy and procedures requirements.
Also, the competence to plan, operation and continual improvements the management system to control the risks and achieve its expected outcome.
Personal Data Protection, EU GDPR (and ePrivacy regulation), Trade Secret, Asset management, Information Security Risk Management, Incident and Problem, Access controls on environmental, facilities, equipments, people, communication, networking, system and application
Understand how to apply risk management principles (ISO 31000) on organization's information security management.
