Threat Manager

  • Always aware of threats

    Threat Manager makes use of Active Watch Services, which allow threats to be detected 24/7.

    Security Operations Center

    The Security Operations Center identifies potential network threats. Billions of incidents will be analysed and identified here over the next few years, enabling you to respond to threats appropriately.

    You can easily view the Threat Manager through the exact same web interface the analysts of Threat Manager make use of. No complex integration, deployment or upgrades, just the latest security technologies and the best analysts at work for you 7 days a week, 365 days a year.

  • “If something goes wrong just once, you may well lose your reputation. Security can be seen as an insurance, and as such it costs money, but it is extremely important.”

    Peter van Noord, Co-founder & Director of De Nieuwe Zaak
  • Why KPN Internedservices?

    With Internedservices your data is safe: we are a 100% Dutch company, which means your data is subject to Dutch law. We offer Threat Manager for a fixed monthly fee, so your expenses are clear. This includes monitoring your data, the software and the 24/7 Security Operations Center to validate incidents and offer support. Threat Manager provides:

    • 24/7/365 monitoring & support
    • Always easy access to your Threat Manager data
    • A fixed monthly fee
    • The best analysts
    • Easy integration
    • A safe feeling
  • How Threat Manager works

    The Threat Manager intrusion detection monitors network traffic and the active nodes within the secure environment 24/7. The information received by the monitoring system is analysed in real time by proprietary software and specialised analysts. In case of a security incident, the security experts of Internedservices will take adequate measures.

  • 24/7 protection

How Threat Manager works

  • Public Cloud

  • The Expert System

    The data is divided into sections and analysed by the self-learning Expert System. Parameters used are:

    • Reputation of the attacker
    • The type of attack
    • The method of the attacker
    • Vulnerability and value of the attacked component
    • Known global threats

    Based on these parameters, security incidents are created, after which the experts get to work on these.

  • 24/7 Security Operations Center

    The identified security threats are further checked by analysts for “false positives”, so no legitimate traffic is blocked.

    The security experts of Internedservices continue their analysis and report the detected security incidents (if applicable), after which a solution for remedying and preventing the threats is worked out together with you.

  • Combine Threat Manager with Log Manager to ensure optimum safety.

Technical details of Threat Manager

  • Threat Signatures and Rules
    • 45,000+ IDS Signature Database
    • Weekly Signature Updates
    • Rules Set Consolidated from Multiple Sources:
      • Alert Logic Security Research Team
      • Emerging Threats
      • Open Source, Third-Party Collaboration
    • Real-Time Signature Updates to Alert Logic Expert System
    • Custom Rule Creation and Editing
  • Vulnerability Assessment
    • Unlimited Internal and External Scans
    • PCI DSS 2.0 Compliant External Scanning
    • Broad Scanning Capabilities:
      • Network Infrastructure
      • Server Infrastructure
      • Business Critical Applications
  • Intrusion Detection
    • Advanced Network Traffic and Payload Visibility
    • Web Technologies (IPv6, Ajax, SQL Injection, etc.)
    • Detect SSL-Based Intrusion Traffic
    • Signature and Activity-Based Correlation
    • Patented Threat Scenario Modeling
  • Analysis & Reporting
    • Dozens of Dashboards and Reports Available Out-of-the-Box
    • Custom Reporting Capabilities
    • Common Vulnerability Scoring System (CVSS) to Assess Risks
    • Audit-Ready Reports
    • Single Web-Based Control for Entire Environment:
      • User Management and Administration
      • Dashboards and Drill-Down Analysis
      • Report Scheduling, Creation and Review
      • Scan Scheduling and Results Review
  • Compliance Support
    • PCI Approved Scanning Vendor (ASV)
    • PCI Level 2 Audited Vendor
    • Support for Multiple Compliance Mandates: PCI DSS 2.0, HIPAA, SOX, GLBA, COBIT, etc.
    • 6-Month Storage of All Raw IDS Event Data
    • SSAE 16 Type II Verified Data Centers
    • Indefinite Storage and Archival of Incident Analysis and Cases
  • Integrated Managed Security Services
    • GIAC-Certified Security Analysts and Researchers
    • 24/7 State-of-the-Art Security Operations Center
    • Monitoring, Analysis and Expert Guidance Capabilities
  • Curious as to the possibilities for your organisation?

    Ask Mark Heijkoop – Security specialist

    Are you enthusiastic about this solution and curious how we can realise this for your organisation? Mail Mark or call him at +31(0)6 23 58 93 63. You can also complete the form below, and he will then contact you.