Rapid Threat Detection and Response

Deploy in as little as 30 minutes for powerful integrated security technologies and emerging threat intelligence from the AnchorPoint SOC.

AnchorPoint Integrated Threat Response: Better Threat Detection for Faster Response

Over the years, hacking techniques have become more sophisticated, and they continue to evolve every day, making them very difficult to detect and respond to. To combat this trend and make security a possibility for organizations with limited resources, AnchorPoint delivers a managed service, called Integrated Threat Response (ITR), that includes real-time threat intelligence and threat prioritization by leveraging the kill chain taxonomy. This makes it easier for our Security Operations Center (SOC) to spot attackers, their victims, their methods and their intents.

We research global threats & vulnerabilities every day so that you don’t have to.

AnchorPoint’s SOC receives updated threat intelligence every 30 minutes through aggregated threat streams we share with industry leaders in information security. Our dedicated SOC Analysts spend countless hours analyzing the different types of attacks, emerging threats, suspicious behavior, vulnerabilities and exploits they uncover across the entire threat landscape. We also leverage the power of the open source threat intelligence community that enables collaborative defense with actionable, community-powered threat intelligence. With over 26,000 participants from over 140 countries providing global insight into the latest attack trends and bad actors, AnchorPoint ITR customers can be assured they’ve got the most up-to-date, comprehensive threat intelligence in the world, on day one.

Advanced Threat Detection for an Ever-evolving Landscape

Here are a few of our collection and analysis techniques:

Security Artifact Analysis

We use a wide range of collection techniques, including advanced sandboxing to quarantine malware samples. This analysis provides key insights into the latest attacker tools and techniques.

Attacker Profile Analysis

We’re constantly monitoring hacker forums and underground networks for in-depth profiling of the common traits of cyber criminals. This information gives us unparalleled access for understanding the “attack horizon” and has resulted in major discoveries such as the evolution of Sykipot, Red October, and other malware outbreaks.

Honeypot Deployment and Analysis

We leverage global honeypots, which are essentially “virtual Venus flytraps” set up to detect, capture, and analyze the latest attacker techniques and tools. Leveraging honeypots placed in high traffic networks, our ITR customers and the AnchorPoint SOC are armed with the latest defensive strategies in the form of updated event correlation rules, IDS and vulnerability signatures, and more.

Open Collaboration with State Agencies, Academia, and Other Security Research Firms

Thanks to the broad reach of our threat intelligence sharing community, we’ve been able to establish strong connections with state agencies around the world, academic researchers and other security vendors through our technology partnerships. By gathering threat intelligence from a diverse install base, spread across many industries and countries, and composed of organizations of all sizes, we’re able to shrink an attacker’s ability to isolate targets by industry or organization size. This is especially beneficial to small, highly regulated businesses.

Get Threat Detection Capabilities with AnchorPoint Security Now!

Intelligent Threat Detection and Response with Kill Chain Taxonomy

With the constantly evolving nature of most threats, it can be difficult to address every incident and alert that occurs in your environment. Cutting through the clutter and removing false positives requires successful threat detection, prioritization, and time – lots of time. Standard methods of prioritization are not only time-consuming, they’re flawed.

With Kill Chain Taxonomy, AnchorPoint has made threat detection and prioritization easy. Kill Chain Taxonomy allows you to focus your attention on the most important threats. Attacks are classified into five categories, each of which provides contextual information to help you understand attack intent and threat severity, based on how they’re interacting with your network.

  • System Compromise – Behavior indicating a compromised system.
  • Exploitation & Installation – Behavior indicating a successful exploit of a vulnerability or backdoor/RAT being installed on a system.
  • Delivery & Attack – Behavior indicating an attempted delivery of an exploit.
  • Reconnaissance & Probing – Behavior indicating a bad actor attempting to discover information about your network.
  • Environmental Awareness – Behavior indicating policy violations, vulnerable software, or suspicious communications.

The Integrated Threat Response Difference

5 Essential Security Capabilities in a Single Managed Solution

The AnchorPoint Security Integrated Threat Response (ITR) service provides five essential security capabilities in a single managed solution, giving you everything you need to manage both compliance and threats. Understanding the sensitive nature of IT environments, we include active, passive and host-based technologies so that you can match the requirements of your particular environment.


Asset Discovery

Find all assets on your network before a bad actor does

  • Active Network Scanning
  • Passive Network Monitoring
  • Asset Inventory

Behavioral Monitoring

Identify suspicious behavior and potentially compromised systems

  • Netflow Analysis
  • Service Availability Monitoring
  • Packet capture

Vulnerability Assessment

Identify systems on your network that are vulnerable to exploits

  • Network Vulnerability Testing
  • Continuous Vulnerability Monitoring

SIEM

Correlate and analyze security event data from across your network

  • Log Management
  • Event Correlation
  • Incident Response
  • Reporting and Alarms

Intrusion Detection

Detect malicious traffic on your network

  • Network IDS
  • Host IDS
  • File Integrity Monitoring (FIM)