Certego Managed Detection & Response services are powered by PanOptikon©, our Security Orchestration, Automation and Response (SOAR) SaaS Platform.
PanOptikon© uses a modular approach to scale up with the organization’s infrastructure and cybersecurity requirements.
Thanks to the in-depth investigations carried out by the Certego Computer Security Incident Response Team (CSIRT), with eyes-on-glass, remote, round-the-clock coverage in both Italian and English, we can quickly detect, investigate and respond to the most advanced cyber threats.
Organizations adopting Certego Managed Detection & Response services benefit from the following:
The typical cyber kill chain includes a series of stages, ranging from reconnaissance (weaponization, delivery and initial access), which is often the first stage of a malware attack, to lateral movement (persistence, taking root), where the attackers try to move laterally throughout the network to access more data and escalate their privileges inside the organization. The final stage is monetization, where the attacker is able to exfiltrate data, or deliver a ransomware tool to simultaneously encrypt all the company's infrastructure and demand a ransom.
In most cases, all these steps are necessary for an attack to occur. An attack takes time and usually leaves traces. The ultimate goal of the Certego MDR service is to detect, within each of these steps, all the main activities carried out by the cyber criminals as they follow the cyber kill chain, and to act before they can have a real impact on the business, helping organizations respond quickly to this kind of cyber attack.