Cybersecurity services

Reduce cyber risk and effectively manage regulatory compliance. 

Security Event Management (SIEM)

Advanced Threat Protection and Compliance

A SIEM is a very powerful solution to help combat sophisticated threats.  Many times, advanced attacks use multiple ways to breach an enterprise.  A SIEM correlates events from multiple devices including network, application and directories to detect anomalous behavior that needs to be investigated.  Thousands of events from all over the enterprise are brought together in the SIEM.  WizNucleus will configure the SIEM to provide the best protection against advanced threats as well as providing compliance reports at any time.

Advanced Threat Protection

There is a wealth of information stored in device logs.  Devices such as servers, firewalls, routers, and directories store thousands of events an hour.  That information becomes actionable knowledge with a SIEM that can process and correlate all the data.  As part of operationalizing the SIEM, WizNucleus will develop a baseline of normal enterprise behavior within the SIEM.  Once the baseline is developed, WizNucleus will provide ongoing tuning of the SIEM, including adding threat detection rules, that will optimize the ability to detect advanced threats such as ransomware.

Once operational, all logs, events, and network flows are correlated together, along with contextual information such as identity, roles, vulnerabilities, and more, to detect patterns indicative of a larger threat.

Compliance

Without the SIEM offering, managing device logs for compliance is unwieldy.  With WizNucleus SIEM deployment come hundreds of prebuilt dashboards, comprehensive audit trails, and reports for more than 240 global regulations and control frameworks, including PCI-DSS, HIPAA, NERC-CIP, FISMA, GLBA, GPG13, JSOX, and SOX.

Managed SIEM

A SIEM requires continuous monitoring so that action can be taken when alerts are generated.  In addition, a SIEM needs to be continuously tuned to your environment to increase overall effectiveness.  WizNucleus will continuously monitor and tune your SIEM with a managed SIEM offering, relieving your current staff of the additional work. 

WizNucleus SIEM services

  1. Sell you the product
  2. Install and integrate the SIEM with all the device logs
  3. Configure the SIEM
  4. Baseline, tune and operationalize
  5. Provide ongoing tuning and maintenance
  6. Optionally manage the SIEM operations as an augmentation to the client team

Endpoint Security

EDR – Endpoint Detection and Response

Endpoints continue to be key resources to protect against advanced threats.  It’s well-known that antivirus is no longer sufficient to protect against the broad range of advanced attacks. 

The WizNucleus EDR solution combines advanced detection techniques such as AI and machine learning with threat intelligence, and a continually updating endpoint malware detection engine to protect against the most advanced and evolving malware.

Key benefits include:

  • Zero-day threat detection in near real time
  • High-quality actionable threat detection
  • AI-guided investigations provide machine-generated insights into the attack
  • Enables communication among antivirus, exploit prevention, firewall, and web control
  • Repairs the endpoint to the last known good state
  • Contains malicious applications and processes on endpoints even when they are offline
  • Centralized management for Windows 10 and Windows Server 2016 and 2019
  • Advanced file, fileless, and behavioral machine learning defenses

Managed EDR

The EDR solution offers powerful protection against the latest advanced threats.  To not overburden the already busy security staff and to get the most out of the solution, WizNucleus offers a managed EDR option so that our security experts can continually monitor and manage your endpoints and accelerate the machine learning capabilities of the solution.

Extended Detection and Response (XDR)

Advanced Threat Protection across the enterprise

Whereas a SIEM collects log data from multiple sources across the enterprise on events that have already happened, an XDR solution collects security data from multiple security products to predict the next attack.

The WizNucleus XDR solution combines data from firewalls, email security, web security, and threat intelligence feeds to build intelligence into security operations.  What EDR does for the endpoint, XDR does for the enterprise.

WizNucleus can build XDR into your operations center to:

  • Improve protection, detection, and response capabilities
  • Improve productivity of operational security personnel
  • Lower total cost of ownership for effective detection and response of security threats
  • Provide behavior analysis of users and technology assets
  • Improve threat intelligence by including local threat intelligence coupled with externally-acquired threat intelligence sources

Extended Detection and Response (XDR) from WizNucleus consolidates multiple security products into a cohesive, unified security incident detection and response platform.

Cyber Security Assessments

Know where you stand

Before spending money on more security products, it’s important to know where the gaps are and to then prioritize which gaps to fill.

WizNucleus has been executing assessments for critical infrastructure for years.  We are experts at conducting assessments for critical regulations such as NEI (Nuclear Energy Institute) for security of nuclear facilities, NERC (North American Electric Reliability Corporation) for security of the electric grid, and CMMC (cybersecurity maturity model certification) from the Department of Defense.

WizNucleus brings that critical assessment skill to enterprise clients using cybersecurity assessments from NIST (National Institute of Standards and Technology) and CIS (Center for Internet Security).

Network Security

Intrusion Detection and Prevention systems (IDS/IPS)

Networks continue to become more complex by crossing physical boundaries, creating hybrid and cloud environments complicated further by combining multiple cloud service providers, locally hosted virtual environments, and physical infrastructure. A well-configured and strategically placed IDPS helps create a robust multilayered defense system within these complex hybrid environments.

Delivered as an IDPS appliance or as a next generation firewall IPS (NGIPS), WizNucleus can configure and monitor for intrusions on your network. WizNucleus creates IPS rules that identify and block attack traffic that targets network vulnerabilities.  Capabilities include:

  • Inspects all network traffic to accurately and effectively block advanced, targeted attacks
  • Integrates with real-time global threat intelligence feeds
  • Uses rich contextual data about users, devices, and applications to provide visibility and fast, accurate response to network-borne, signatureless attacks
  • Optionally delivered within an integrated next generation firewall (NGIPS)

Network Discovery and Monitoring

Discover your network, monitor for availability, and monitor network and system performance.

Discover Your Network

WizNucleus creates a detailed interactive map of your entire networked infrastructure. Monitor and map everything from the edge to the cloud including devices, wireless controllers, servers, virtual machines, applications, traffic flows and configurations across Windows, LAMP and Java environments.

Monitor performance

WizNucleus can help you manage networks, traffic, physical servers, VMs and applications to ensure optimal performance and availability to meet SLAs. Reports can be generated regularly to track results.

Integrated Log Management & Archiving

WizNucleus can help you manage device log data.  You can monitor, filter, search and alert on syslogs or Windows logs for every device in your network while also watching for meta trends like log volume changes. You can archive logs to any storage locations for any retention period to comply with regulatory requirements and preserve historical data.

 

Backup and Recovery

Always be prepared

Data failures can happen for different reasons including unrecoverable hardware or software failure, data corruption, a malicious attack, or accidental deletion.  WizNucleus can operationalize a backup and recovery solution that will keep your data backed up and secure.  Efficiently back up your data to the object storage of your choice, on-premises or in the cloud.

Capabilities include:

  • File-level, disk-level, image, and application backups
  • Back up popular workloads including Mac, Windows, Linux, Microsoft 365, Google Workspace, Hyper-V, VMware, and much more
  • Hybrid storage options – hosted storage, public clouds, or local storage
  • Combines cloud backup with cyber protection to keep your data secure
  • Automatic data classification to track the protection status of important files, folders, and workstations
  • Scheduled backup reports including data protection map and compliance reporting