F-Secure Rapid Detection & Response Service
Managed detection and response service against targeted cyber attacks
How does the F-Secure Rapid Detection & Response Service detect and respond to human-conducted attacks?
[Diagram labels: Your Organization (PR, Marketing, Finance, Events); F-Secure Detection and Forensics Platform (real-time behaviour analysis, big data analysis, reputational analysis); Anomalies; F-Secure Rapid Detection & Response Center (threat hunters, incident responders, forensic experts); max 30 mins; CISO]
How Does a Targeted Cyber Attack Usually Happen?
Attackers will first gain access to your IT infrastructure. This typically happens either by exploiting a known vulnerability in one of your servers, or by using a combination of spear-phishing emails and web exploits targeting one of your customer-facing teams.
After gaining an initial foothold in your IT infrastructure, the attackers will try to access or seize control of the data they're after.
Typically, they accomplish this by using existing IT administrator tools included in Windows, Mac and Linux operating systems, such as PowerShell, Windows Remote Management and Service Commands.
How do we detect attacks?
The F-Secure Rapid Detection & Response Service includes lightweight intrusion detection sensors for endpoints, networks and decoy servers that are deployed across your IT infrastructure. The sensors monitor activities initiated by the attackers, and stream all information to our cloud in real-time.
Our cloud-based service hunts for anomalies in the data by using a combination of advanced technologies, such as real-time behavioral analytics, big data analytics and reputational analytics. Anomalies are hunted from two perspectives: known and unknown malicious behavior.
The use of different types of analytics ensures that attackers are not able to remain undetected, even when using evasion tactics designed to fool specific detection methods.
How Do We Respond?
Anomalies are flagged to our threat hunters in the F-Secure Rapid Detection & Response Center, who work 24x7x365 to verify them and filter out false positives.
Once our threat hunters have confirmed that an anomaly is an actual threat, they will alert you in less than 30 minutes. Our threat hunters will guide you through the necessary steps to contain and remediate the threat. We also provide detailed information about the attack, which can be used as evidence in criminal cases.
Our on-site incident response service is also available to assist you in difficult cases, or in cases where your own experts are unavailable.
Our team is at your service 24x7x365
At the core of the F-Secure Rapid Detection & Response Service is our F-Secure Rapid Detection & Response Center, which is the base of operations for all of our detection and response services.
At the center, cyber security experts work 24/7 to hunt for threats, monitor data and alerts from customer environments, and flag anomalies and signs of data breaches.
Staff at our F-Secure Rapid Detection & Response Center are trained to handle a variety of tasks.
Their main tasks fall into three different roles:
Threat identification team
First responders who monitor the service, hunt for threats and maintain contact with the clients
Tackle complex cases that clients are unable to handle on their own, and usually assist clients on-site
Specialized in the most difficult cases, even the most complicated nation state-originated attacks