CONFIGURATION COMPLIANCE AND REMEDIATION SERVICE (MSS-EPS)
The Configuration Compliance and Remediation Service (MSS-EPS) is a “Security as a Service” (SaaS) offering created to identify application level assets, to test alert, report, deviations and to facilitate remediation in endpoints and servers of the organization. This is done without agents. Together with GLESEC’s Orchestration’s platform, this service integrates the GAP information into compliance reporting and facilitates and optimizes the full lifecycle for remediation.
How does it work?
Turnkey, Security as a Service. There are two options for delivery, one is on-premise GLESEC’s GMSA appliance and the other is Cloud-based. Once the systems are deployed and integrated with the organization’s Active Directory, then GLESEC Professional Services will work on establishing a baseline for the application assets and configurations for all endpoints and servers. Once this is done and the baseline uploaded to the Orchestration’s CAD utility, the service is ready for operations.
The data from the GMSA or CLOUD flows to GLESEC’s BigData for analysis and the GLESEC Operations personnel monitor not only the health and integrity of the information process but the remediation GAPs which are then used in GLESEC’s Vulnerability Handling Process for proper remediation and reporting.
- Delivery is on-prem (using GLESEC GMSA Appliance) or as an option CLOUD.
- No agents are required but ctive Directory access is necessary for inspection and auditing.
- GLESEC’s Professional Services conduct implementation and then work on audit and baseline creation.
- GLESEC’s Secured Operation Centers monitor, hunt and respond based on established playbooks 7x24x365 to contain, mitigate, alert and report. In particular following the Vulnerability Handling Process.
- Client’s access to the GLESEC’s Orchestration platform (based on contract of Orchestration service) providing visibility of the various elements of the GLESEC 7eCSMTM framework. This allows access to detailed dashboards and reporting as well as the Case & Resource Utilization application, News service and other tools. The Case & Resource Utilization application is used to manage the full lifecycle process for threat identification and mitigation that takes into consideration all the communication interaction with various levels of the client’s organization
GLESEC’s Vulnerability Handling Process as applied to this offering, addresses the full life-cycle process, from testing to verification of remediation. This is comprehensive, collaborative, optimize client’s and GLESEC’s resources and reduce the time to mitigate, making it unique and essential to every organization in handling pro-active and preventive security.
Sergio Heker, CEO
Provides peace of mind in the detection of gaps in compliance in the endoints and servers and the identification of application assets, effectively reducing the time to remediate and providing visibility and control to the organization.
Promotes a continues risk-reduction and on-going cyber-security improvement and mitigation process.
Helps eliminate cyber-security risk factors that can impact business operations.
BENEFITS
The benefits of this service are:
Augments the internal staff by partnering with an organization with core competency in cyber-security operations.
Meets compliance in regulatory requirements.
Most cost-effective solution based on the benefits of outsourcing.
This service can be classified according to the following table:
Monitoring
Yes
Testing
Yes
Protection
Compliance
Yes
Forensic
Remediation
Yes
Mitigation
Each of the MSS services can be mapped to one of the seven elements of the 7eCSM.
In this case the mapping is:
Take control of your cyber-security now!
Comments are closed.