Goliath 360

ENDPOINT PROTECTION: Unmatched protection against advanced endpoint threats, including MITRE ATT@CK Integration, Next-Gen Antivirus, Device Control, Critical Resource Protection and more. 

EXTENDED THREAT DETECTION: Expanded visibility across endpoints, networks and users provides layered protection capabilities of EDR, Deception, User Behavior Analytics Rules, Network Detection Rules, Sandboxing and Threat Intelligence out of the box. 

SaaS & Cloud Security: SaaS and Cloud Security Posture Management (SSPM & CSPM) automatically identify, prioritize, and fix security risks across all common business SaaS applications and Cloud platforms (ex. AWS, Azure, Google) directly from your console.

Endpoint Security Posture Management: Covering Endpoint Misconfiguration and also includes Detection, Remediation and Detects Vulnerable Apps Across Endpoints (CVE).

E-Mail Security: Email Security provides protection for Cloud Email Gateways. It combines a variety of protective capabilities to ensure your users are safe from weaponized attachments and phishing attempts. Combined with Endpoint and User protections, Email protection adds yet another security layer to keep you safe from attacks.

Mobile Threat Protection:  Provides continuous, on-device monitoring to detect known and unknown threats in real-time across the kill chain: device, network, phishing, and app attacks.

Deception: Easily configure decoy files, users, hosts, and networks to expose malicious actors who have gained access to your environment.

IT & SECURITY OPERATIONS: Extensive operational functions natively included, such as IT Hygiene, Vulnerability Management and asset inventory capabilities.

And More… 

Playbooks: Automate comprehensive, multi-action responses across your environment for any attack scenario.

Automated Investigation: Automatically determine the root cause and scope of an attack across your environment.

Automated Remediation: Eliminate malicious presence, activity, and infrastructure across users, network, endpoints, and other IT components.

Incident View: Intuitive graphical timeline and layout of attacks, along with the automated investigation and response actions.

And More…

Resolving threats 50x faster, reducing manual
incident handling by 90%

• Finding / Eradicating Attacks Before Damage Is Done
• Uncovering and resolving all attack components across your environment in seconds – not minutes or hours
• Increasing Your Team’s Bandwidth
• Becoming more productive and eliminate time-consuming manual tasks by automating workflows and accelerating threat detection, investigation, and response
• Augmenting Your Team’s Response Skills
• Boosting your lean security team’s expertise by leveraging automated best practice investigation and response workflows
• Reducing Cost and Complexity
• Avoiding the costly and resource-intensive implementation and support of a complicated SOAR solution

CENTRALIZED LOG MANAGEMENT: Collects and integrates critical log data needed for threat analysis using a powerful query language along with intuitive graphics and dashboards. 

EVENT CORRELATION: Analyzes signals from native controls, system logs and any other sources to correlate data into actionable incidents. 

FORENSICS: Investigate threats and conduct threat hunting with instant access to forensic artifacts collected from agents, logs and other system resources using powerful search and visualization tools. 

And More… 

24/7 MONITORING: High & Critical threats are identified and properly addressed around the clock – ideal for resource-constrained teams. 

INCIDENT RESPONSE: Assistance in remote Incident Response with investigation, comprehensive remediation plan and guidance.

THREAT HUNTING: Proactively searches for hidden threats across the environment. 

ATTACK REPORTS: Written overview and detailed technical insights on attack techniques. 

And More… 

Continuous User Sync: Consistently sync your users from your directory to ensure you always have the m ost up to date information.

Automated Training Assignments: Users are assigned to training courses and sent notification when training is required.

Randomized Phishing Simulations:  Users are randomly sent phishing simulations to test their awareness and security posture.

Phish Reporting Add-In: Allow users to report simulated and real phishing attempts directly to your security team. 

Custom Policy Creation:  Customized SAT policy tailored to their specific training requirements.  

See The Results: Enterprise-strength monthly reporting on training completion and phishing simulation results.

And More… 

Protect: Protects online identities and sensitive information from cyber threats.

Simplify: Simplifies password management through a user-friendly interface.

Enterprise strength: Provides  advanced password management, secure file storage, and two-factor authentication for businesses. With a user-friendly interface, you can manage and secure your employees’ passwords and ensure your data is protected against potential cyber threats.

User Friendly: A user-friendly interface that is designed to simplify the process of creating and storing secure passwords. The password generator feature allows users to generate strong passwords that are difficult to guess or hack.

And More… 

Alert Monitoring (ALL – 1hr SLA): Continuous management of incoming alerts: classify, prioritize and contact the client upon validation of active threats.

Threat Hunting: Proactive search for hidden threats leveraging investigation tools and over 30 threat intelligence feeds.

24×7 Availability: Ongoing operations at all times, both proactively and on demand, per client’s specific needs.

On Demand File Analysis: Clients can send suspicious files for analysis directly from the console and get immediate verdicts.

Instant Access:  Clients can engage with a single click on the Dashboard App upon any suspicion of an active breach.

Attack Investigation:  Deep-dive into validated attack bits and bytes to gain full understanding of scope and impact, providing the customer with updated IoCs.

Exclusions, Whitelisting and Tuning:  Adjusting alerting mechanisms to the clients IT environment to reduce false positives and increase accuracy.

Remediation Instructions:  Conclusion of investigated attacks entails concrete guidance for users regarding which endpoints, files, user and network traffic should be remediated.

And More… 

A proactive 24/7 security team acts as your extended team, leading any required analysis, ensuring that nothing is overlooked and generating the results you need.

Our Executive Cyber Advisory service provides organizations with access to experienced security executives (CISO’s) who can assist in the design, implementation, and ongoing oversight of framework based security programs.

The scope of these services can be narrow or broad depending on your business need, addressing the needs of a specific project or process, or addressing your macro security environment. So whether the need is to securely integrate a new acquisition, select and implement new security technology, or facilitate the modernization of your company’s security posture, we can help.

Review: Review your current security and compliance profile.

Assess: Conduct an effective business risk assessment.

Identify: Identify gaps, vulnerabilities, and other security issues in your current environment(s).

Develop: Develop a strategy, timeline, and roadmap for compliance.

Create: Create communication, education, and training plans into the way your organization operates from a cybersecurity perspective.

Create:  Create communication, education, and training plans into the way your organization operates from a cybersecurity perspective.

Align:  Align cybersecurity and compliance strategies with business goals to help with the 3 R’s, REGULATION, REVENUE AND REPUTATION

And More… 

Continuous BreachRisk Assessments (new results weekly)

• Public attack surface discovery and attack surface monitoring (ASM)
• Discovery & validation of exposed threats, including:
• Vulnerability Threats (exploitable vulnerabilities)
• Credential Threats (places an attacker can login/authenticate)
• Misconfigurations Threats (misconfigured infrastructure)
• Cloud integrations & risk monitoring (currently support AWS, Azure, Digital Ocean)

Continuous BreachRisk Assessments (new results weekly)

• Features everything in BreachRisk Essential, plus:
• Penetration testing of threats discovered and verified 
• Examples: exploiting vulnerability threats (where safe to do so), attempting authentication to credential threats with exposed, common or default passwords, attempting to access privileged information through misconfigured services.
• Dark web monitoring
• Monitor the dark web for exposed references to company emails and passwords. 
• Test exposed credentials against all credential threats/logins to see what is active.
• Penetration Test Reports for compliance or sharing (requires annual commitment)

Essential

Advanced

Platinum

Optional Goliath 360 Services