Competences
Cyber Security

Protection against APT

Systems for detecting and removing advanced, targeted threats.

 

Solutions that protect the organisation's systems from malware, crimeware and ransomware threats, using a number of mechanisms that detect threats based on known and unknown file patterns or behaviours.

 

Great flexibility and ease of integration with existing solutions allow quick and effective implementation of threat protection mechanisms, saving the time needed to restore full functionality of the systems if a threat is found to have interfered.

 

Managing encrypted traffic

Opportunity to view, inspect and analyze encrypted traffic.

 

It is estimated that about 50-75% of all traffic in organisations is encrypted. This means that security systems can’t analyse over half of the data transmission in the company; they are “blind” to potential threats sent via encrypted channels. It is worth realising that analysis of attacks on various organisations over the last few months indicates that about 80% of them used encrypted communication to communicate with the management center (Command & Control).

 

In addition, analysts’ estimates indicate that the amount of encrypted traffic within organisations will grow by about 20% per year.

 

The use of devices that decrypt traffic maximises the protective capabilities of security systems already used in the organisation (e.g. IPS, DLP, NBAD, APM). This in turn gives specialized analytical tools full visibility into the communication, making it possible to conduct a reliable analysis and detect threats before they significantly affect the organisation.

 

Network traffic analysis

Improve the level of security and accessibility by testing network communication.

 

Network traffic analysis is considered in two aspects. The first is performance: here it is important to determine how the local network functions, including communication, application performance and Internet access. It is possible to analyse services in specific segments for specific applications, or even their bandwidth. The second aspect is security: recording and analysing network traffic for the occurrence of malicious software, the history of its spread (reconstruction of the infection path) and the profile of non-standard traffic (behavioural analysis, statistical analysis). These tools support other systems (SIEM, DLP, IPS) by providing the context of a given security incident.

 

 

Orchestration of IT infrastructure

Automatic reconfiguration of network device policies, checking the current status of security, network and applications.

 

A comprehensive solution that automates network changes and maintains compliance with policies and industry standards. By using advanced analytical and automation technologies, it is possible to manage processes and introduce changes in the network and application layers.

 

Control mechanisms make it possible to define and enforce security policies such as granting access to a given service and conducting periodic certification campaigns allowing for a cyclical process of verification of access status.

 

 

Orchestration is possible thanks to data collected at the network and application levels, which is used to build dependencies and links between the infrastructure and the target application (e.g. a web application located on several servers uses databases located in several DCs) and to make sure that communication between them is continuous, while maintaining its availability.

 

These mechanisms save time and budget on administrative tasks, while increasing the level of security and control in the organisation.

 

Database protection

Databases store extremely valuable and confidential data. Organisations are now forced to implement processes that control access to confidential data and protect it from abuse and attacks. Compliance guidelines arising from security regulations are also constantly increasing. Constant control and real-time monitoring of all operations performed on databases is necessary.

 

These solutions allow comprehensive database protection, including detection of sensitive data, prevention of data leaks and of attempts to overcome database security, and protection against vulnerabilities.

 

The database protection solution controls access to the server by privileged users and by unprivileged users who connect to it through various applications. It also monitors the database for leaks of confidential information and security breaches. Its reports are valuable because they answer the questions “Who? What? When? Where? And how?” for each action performed in the system.

 

To create secure storage for sensitive data, the location of this data must be detected correctly. The solution scans the database to search for specific types of data that can be described by regular expressions.

 

Database traffic is stored on many Gateway devices. If disk space is too small to cover the required retention period, it is possible to install a Fiber Channel card to expand the local disk and store data for a long time before it is archived.

Web applications protection

Web applications are the most common target of cyber-attacks, due to the ease of access to them. Their immense value results from the fact that access to valuable data is possible after breaching their security. To secure databases and systems, enterprises must protect their websites against new and emerging threats. It is important to use protection that doesn’t affect the performance of the application.

 

To successfully detect attacks, a Web Application Firewall solution must “understand” the application structure, its individual components, and the expected user behaviour. The Dynamic Profiling technology automates this process by profiling protected applications and creating a set of rules, or a “whitelist” of acceptable user behaviour. Over time, it automatically incorporates changes to the application's architecture into the application profile. Dynamic Profiling technology eliminates the need to manually configure and update countless application URLs, parameters, cookies and methods.

 

Privileged Access Management

Securing privileged account passwords, controlling access to resources and monitoring sessions.

 

Privileged identities are the accounts with the largest range of permissions in the organisation. They allow access to sensitive information and enable users to change settings at any time in the operating systems of computers, applications, databases and network devices. Because the credentials for these privileged accounts are probably known to many people and rarely changed, there is no way to enforce accountability for their use. That’s why you need CyberArk software, which is used to constantly detect, track, update and manage company passwords.

CyberArk software first detects places where privileged account credentials are used, then secures the credentials and implements password-changing procedures wherever they are needed. This can reduce the risk of unauthorized direct access and ensure the confidentiality of passwords for privileged accounts. An additional security function is the monitoring of access to remote servers, virtual desktops and network devices, and recording the activities of users accessing these systems.

 

 

Contact

Our Office

Company’s Registration Address:

 

Concept Data Sp. z o.o. Sp.k.

ul. Piękna 24/26A,
00-549 Warszawa

 

office: +48 22 833 86 35

fax: +48 22 832 17 19

NIP: 701-055-33-94

KRS: 0000603567

Office Address:

 

North Gate Building
ul. Bonifraterska 17,

4th floor

00-203 Warszawa

 

office: +48 22 833 86 35

fax: +48 22 832 17 19

 
