mobile logo
How a Security Fabric Helps You Make the Most of Your Secure Sense Services
22
May

How a Security Fabric Helps You Make the Most of Your Secure Sense Services

May 22, 2018
In Industry, News
By Secure Sense

As your managed services provider, we employ the best practices and best-of-breed technology—both at its security operations center (SOC) and on your premises—to help ensure the safety of your data and reduce risk.

As a managed services client, you expect to offload the complexities and time burdens of security management. Still, you’ll want to retain a firm grasp of your organization’s overall security posture, so it’s important to understand your on-premises tools.

Making sense of multiple point products—firewalls, web security, intrusion prevention systems (IPS), etc.—can be very time-consuming and confusing. The Security Fabric approach from Fortinet makes this easier by providing a central security console that maps out your entire security infrastructure, helping you understand what each function contributes to your security posture. Moreover, the central management system serves as a focal point for discussing your security posture with your Secure Sense team. And it helps you demonstrate to your internal stakeholders that you are providing complete network security coverage, from the data center out to the cloud, including mobile and Internet-of-Things (IoT) devices.

Fortifying the Fabric

Fortinet has been refining the Fortinet Security Fabric for several years now, but this year has seen a leap in enhancements across the board, which give your Secure Sense team a more sophisticated and efficient toolkit for tailoring security services to your changing needs. Here are a few of the highlights:

  • Automation. One of the three pillars of the Security Fabric, automation is the key to staying a step ahead of accelerating cyber threats. The idea is to coordinate different solutions’ automated responses and remediation to threats detected anywhere across your network, so you can minimize their impact and prevent them from recurring. The latest Fortinet Security Fabric enhancements provide wizards to quickly create or modify automated workflows to quarantine compromised users or hosts, notify admins, and make API calls based on a variety of triggers.
  • Security Audits. Although the map on the Security Fabric’s central management console can show you the status of your network, you need to be able to assess whether your current state of affairs is adequate or in need of improvement. As part of its auditing capability, the Security Fabric now features benchmarking against companies of similar size and industry; the latest best practices in password security, login attempt thresholds, and multifactor authentication; and a continually updated database from FortiGuard Labs. The Fortinet Security Fabric not only points out your vulnerabilities but also specifies how to remediate them and makes it easy to do so. After you address the vulnerabilities, you can run the audit again to show the improved security ranking. Reports can be output for internal stakeholders or to support compliance audit responses.
  • Multi-cloud support. Cloud technology is all about scale and agility, and using multiple clouds multiplies this advantage. Security must scale and flex with your cloud deployments and allow you to manage your on-premises network and multiple clouds as a unit, rather than in silos. The Fortinet Security Fabric offers the broadest range of cloud-based security tools on Amazon Web Services, Azure Cloud, Google Cloud, and Oracle Cloud. The latest updates include a variety of connectors for private, public, and software-as-a-Service (SaaS) clouds, which enhance the visibility of your security posture across all cloud networks.

As a global network security leader, Fortinet is committed to strengthening cybersecurity in Canadian business and government. Shared Services Canada, a government IT supplier, recently decided to deploy the Fortinet Security Fabric, including Fortinet FortiGate next-generation enterprise firewalls and FortiManager, which will simplify security management and control across more than 100 government departments and agencies. Fortinet’s new threat intelligence and research and development campus in Burnaby, British Columbia, is expected to contribute 1,000 new technology jobs in the Vancouver metro area. And our local team of engineering, field sales, and technology specialists will continue to ensure that managed services providers, such as Secure Sense, have the support they need to provide you with the most effective and cost-efficient network security solutions.

This blog was brought to you by our partner, Fortinet. The Fortinet Security Fabric delivers broad protection and visibility to every network segment, device, and appliance, whether virtual, in the cloud, or on-premises. Automatically synchronize your security resources to enforce policies, coordinate automated responses to threats detected anywhere in your network, and easily manage all of your different security solutions and products through a single console.  They are a sponsor of our annual Camp Secure Sense 2018 and will be presenting on Day 1 at 2:00 pm and 2:40 pm.

Head on over to the registration page to discover other thought leadership presentations exclusive to Camp Secure Sense here.

With only 28 days left, and a few spots open for InfoSec leaders, we encourage you to register ASAP.

Post Tags:

Related Posts

A Secure Sense Competitive Advantage

Welcome back to the Cyber Security Month blog! In last week’s blog, we talked about the importance and value of an MSSP, what sets Secure Sense apart from other MSSP’s and how Secure Sense can help your business. Today, we want to continue the conversation around the competitive advantage of working with Secure Sense and what sets us apart in the world of managed security.

In addition to our dedicated customer success teams and our 24×7 SOC (read more in the previous blog here) Secure Sense’s white glove service stands out in many other ways. Continue reading to find out the secret keyphrase, and our competitive advantage.

Expert engineers/analysts

Our experienced technical team comes from diverse technical backgrounds, representing a wealth of security knowledge. They play an integral role in everything we do at Secure Sense; from evaluating partners to developing services, allowing us to focus entirely on the best products and the highest training certificates.

Our engineers, architects, and analysts are required to ensure they are up-to-date on technical training. In addition to solution technical training, our technical team has focused on training in the following areas:

  • Communication for clearer and more accurate ticket updates​
  • Troubleshooting skillsets have led to fewer escalations internally, and ultimately shorter times to remediate​
  • Critical analysis skills which have measurably improved our ticket responses in providing higher quality responses to tickets.

This training has had a measurable increase in the quality of our services, as well as time to remediate and reduce escalations.

Our SOC has many teams that work with our expert analysts to ensure you receive the most from your service. In addition to our security analyst team, Secure Sense has four other technical teams: the reporting team, the threat intel team, the automation team, and the purple team.​

Automation team:

The Secure Sense automation team reviews customer requests, as well as potential customer controls, and ties those controls in with our managed services for automated systems mitigation, stopping threats in their tracks.​

The team is also responsible for:

  • Automated SIEM log analysis, tied into our Threat intelligence team to streamline the ingestion of IOCs into our managed services.
  • Implementing our vendor vulnerability review and remediation systems allows us to reduce our critical vulnerability remediation windows and provide improved visibility into coverage and reporting.
  • Delivering smart-responses from our SIEM solution, and implementation of Reporting team recommendations and improvements.​
  • Automating reporting and alerting directly into our ServiceNOW portal, providing short response times to customer alerts

Reporting team:

Secure Sense has created a dedicated reporting team to streamline and bring more meaningful data to our customers on a regular basis. This team not only builds custom reports, but also analyzes how our customers are using our services, identifying any particular improvements that we could be making to the services, and providing recommendations to the rest of the managed service teams.​

Our reporting team also builds datasets and analyses based on our customer tickets, as well as managed service systems, to identify new use cases and patterns that we can leverage to improve services internally.​

Threat intel team:

Our internal Threat Intel team reviews various events that have occurred and identifies the relevant TTPs. They provide this intelligence to our purple team which will operationalize it.​

The Secure Sense threat intel team focuses on both systematic collection of IOCs and analysis thereof, as well as individual TTPs that are used to identify new and emerging threats. ​The team looks at those tools, Techniques and procedures that threats are using in the market, and identifies how they could be leveraged against our existing customer base, along with better enhancing our services to detect those TTPs when in use.​​

Purple team:​

Secure Sense’s Purple team reflects the blend of both defensive or blue team skillsets, along with offensive or red team skillsets. The team takes tools, techniques and procedures identified by the threat intel team, analyses our customer’s environments and identifies if we can detect them. ​ With customer collaboration, the Purple team can provide execution packages where we can simulate specific components of a threat, and then validate that we have visibility into that TTP being run in a customer environment.

Professional services

Secure Sense’s implementation and support experts are experienced in a wide variety of Professional Services engagements with specialized tactical teams within our extended technical bench, focused on specific technologies and or products.

In most cases, Professional Services are project-based services that require a skilled engineer or architect for a one-time project or short-term change in your organization; or a senior consultant to provide a wide range of risk advisory services. Project teams will also typically address any ongoing support or maintenance after the initial project is complete.

Our cybersecurity consultant team and senior architects hold a broad range of top industry certifications and credentials, along with many years of experience in the industry. Our methodologies for common engagement types have been developed and refined to reflect the most up-to-date best practices and to scale to projects of any size, including global enterprise enablement.

A few of the engagements we commonly offer include:

  • Cybersecurity Architecture Assessment and Design
  • Solution Implementation Services
  • Health Checks
  • Penetration Testing
  • Vulnerability Assessments
  • Threat and Risk Assessment
  • Enablement & Training
  • Ongoing Support

Secure Sense focuses on continual training and certification among our technical ranks in order to provide the most knowledgeable technical support.

Security training

Secure Sense offers security training and can assist in helping your organization to create its cyber security training program. From general employee awareness training to specific security training for your IT and security staff, Secure Sense can help your organization combat the threats they face on a daily basis. Our team is able to offer:

  • Engaging user awareness training for end-users
  • Technology training for security solutions and products
  • Security Analyst training
  • Threat hunting training
  • Threat simulations to give your internal security teams practice in using internal tools
  • Tabletop exercise development and execution to simulate incidents and incident response

Your Key word is “Purple Team”

Don’t forget! Take this keyword and head to our LinkedIn page here to comment on it for your chance to win one of many prizes this month!

As always, if you’re interested in learning more about Secure Sense’s competitive advantage or any of our services, don’t hesitate to reach out to us at 866-999-7506 or sales@securesense.ca!

Continue reading

The Value of a Secure Sense MSSP

Happy October, AKA Cyber...

How Cloudflare Security does Zero Trust

Throughout Cloudflare One week,...