Response to Cyber Events
To support cyber incident response, we provide IT managers with solutions that enable them to identify and respond to potential threats, targeted attacks and vulnerabilities in IT infrastructures in a timely manner.
In the context of Cyber Incidents, we offer the following solutions:
- Security Information and Event Management (SIEM)
- Vulnerability Scan and Management
- Targeted & Complex Attack Prevention (Anti-APT)
Security Information and Event Management – SIEM
SIEM is a solution that collects and stores data from different sources and identifies possible security gaps from it.
The SIEM solution of AlienVault, which we work with, provides the following features:
- Log Management and Correlation
- Threat Database
- Software Asset Management
- Vulnerabilities Management
- Network Intrusion Detection System (NIDS)
- Server Intrusion Detection System (HIDS)
- Folder or file usage tracking
- Service or port tracking
- Vulnerability Analysis
- Event Management
Sibertis offers the AlienVault solution either locally or in a cloud-based manner.
Vulnerability Scanning and Management
MaxPatrol, a product of Positive Technologies, scans the networks of small, medium or large enterprises at desired intervals, then detects and reports security vulnerabilities.
Many businesses conduct manual penetration tests 2 or 3 times per year, as required by national regulations, to identify security holes and make the necessary corrections. Manual testing is subject to human error, and its reporting is usually standard.
The MaxPatrol solution performs this process automatically, either weekly or monthly. The results of the process are more accurate than manual operations. The number of false positives is negligible. Scans can be run on networks, telephone systems, Wi-Fi networks, databases, operating systems and web applications. MaxPatrol is a good alternative to manual scanning due to its low cost and its black-box and white-box scanning options.
Features of the MaxPatrol product
- Any network can be scanned at desired intervals,
- There is no human factor; the whole process is carried out by the solution located within the company, so information about any security vulnerabilities found does not leave the company,
- Fully compatible with SCADA, telecom and banking systems,
- Compliance of operations within the network with regulations such as GDPR and PCI-DSS is analyzed and verified,
- The use and reporting of the system is extremely simple.
MaxPatrol can automatically perform black-box and white-box scanning on the systems listed below.
- Network equipment such as Cisco, CheckPoint, Stonesoft, Juniper (JunOS, ScreenOS) (including Firewall and IPS)
- Telecom equipment such as Alcatel, Huawei, Nortel, Ericsson and Digium VoIP systems
- Operating Systems such as Windows, MacOS X, Linux, AIX, HP-UX, Cisco IOS, Oracle Solaris, Fedora, Gentoo, Mandriva, Slackware
- Databases such as Microsoft SQL, Oracle, IBM DB2, PostgreSQL, MySQL and Sybase
- Applications and browsers including MS IE/Office, Firefox, Google Chrome, Safari, Opera, OpenOffice, Lotus, Acrobat Reader, Flash Player and Thunderbird
- Infrastructure applications including Microsoft Active Directory, Exchange, SharePoint and IIS, IBM Lotus, Netscape DS, LDAP-UX, Sendmail, Postfix, MDaemon, MailEnable, Exim SMTP Server, Apache and CommuniGatePro
- Virtualization applications including VMware vSphere/ESX, Microsoft Hyper-V, Citrix XenApp
- Security solutions such as personal IPS, firewall devices and antivirus
- Business Solutions including Oracle E-Business Suite, SAP R3/ECC and NetWeaver
- Various ICS / SCADA solutions such as Siemens, Invensys, Schneider Electric, Rockwell Automation
Review the product brochure to learn more about MaxPatrol, the network-wide vulnerability scanner from Positive Technologies.
Advanced Persistent Threat Prevention – Anti-APT
APT stands for Advanced Persistent Threat. Anti-APT is the process of preventing targeted and complex attacks on companies. Nowadays, attacks against specific targets or institutions are carried out after long-term preparation by organizations with large financial power, expert groups and even countries. Traditional security mechanisms are not sufficient to detect such attacks.
Targets are selected with great care, and infiltration can be achieved through user errors and vulnerabilities. Attackers can easily hide and move within the network. In general, the purpose of the attacks is to capture sensitive information or the machines operating in institutions, remotely destroy control devices, commit financial theft, or prevent end users from doing business.
It is possible to prevent such attacks with sandbox technology. Files can be analyzed in sandbox virtual systems prepared according to predetermined methods, and alarms can be generated for files with suspicious behavior. Sandbox systems can be customized to suit the configuration of enterprise desktop systems.
The network activity to be monitored is directed to the Anti-APT device via a SPAN/mirror port. By analyzing the incoming SPAN/mirror port traffic, the solution reports findings such as zero-day activity, Command & Control server connections and backdoor activity.
Trend Micro is our partner in the detection of targeted and complex attacks. The Deep Discovery product developed by Trend Micro enables you to detect, analyze and react to complex targeted attacks in real time. Deployed as stand-alone components or a comprehensive cyber security platform, Deep Discovery provides enhanced protection against threats at the most important point for your organization. The Deep Discovery platform is the foundation of the Trend Micro Network Defense solution and integrates your security infrastructure into a comprehensive defense adapted to protect your organization against targeted attacks.