Like a burglar alarm for your network, the SOCSoter CYBERDEFENSE service sends signals around the clock to trained and certified security engineers, who personally evaluate and respond to any alarm indicating that a system on your network has been, or is being, attacked or misused.
The CYBERDEFENSE service provides four types of Intrusion Detection Systems for detecting security issues on your network. This 365/24/7 service detects what firewalls, spam filters, and anti-virus miss.
CYBERDEFENSE uses a proprietary HEAP detection system to create alerts:
Heuristic: based on something we learned.
Examples: Detects an executable downloaded from a site not normally accessed, which usually means downloaded malware; visits to a Russian-based website; brute-force attacks.
Event: based on something that happened.
Examples: Detects viruses, information leaks, hacking attempts, unauthorized scanning.
Analysis: based on a hunting investigation by an analyst.
Examples: Normal traffic is 16 bytes at 7am; suddenly there are 94 bytes of traffic at 7am. (Commonly used for investigations.)
Pattern: based on something that matches known behavior.
Examples: Uses Dropbox consistently; suddenly uploads files to OneDrive.