Identify and Assess Vulnerabilities
True Owl’s endpoint security proactively reduces threats by continuously assessing vulnerability risks. This includes rating the security risk of applications, identifying vulnerabilities, identifying rogue devices and taking proactive risk mitigating actions.
Prevent attacks with Next Generation Antivirus Engine (NGAV) True Owl uses a machine learning antivirus engine to block malware before they can execute. The kernel based NGAV is continuously updated to identify new malware.
Detect and Defuse Attacks in Real-Time
If an endpoint is compromised, True Owl’s service will detect and stop the attack in real-time. True Owl’s endpoint security protects data by stopping malware (including file-less malware) and other advanced attacks in real-time. As soon as suspicious process flows and behaviors are detected, True Owl’s endpoint protection immediately stops the potential threats by blocking outbound communications and access to the file system from those processes. These actions prevent data from being taken (data exfiltration), command and control (C&C) communications, file tampering, and ransomware encryption.
Respond and Repair
True Owl’s security operations center will utilize a wide variety of remediation tactics following an attack. These tactics include automated termination of malicious processes, removal of files, isolation of applications, and roll back of malicious changes
True Owl includes and recommends all computer users to participate in regular security awareness training. The Cybersecurity training program provides simulated phishing attacks and security awareness training campaigns, making your employees the best defense against cybercrime.
- Filters the DNS request based on the domain rating
- Blocks the DNS request for known command and control (C&C) domains
- Local domain filter
- Log Storage
- Avid’s SIEM will store firewall logs for six-months. Firewalls typically store a day or less of data.
- Network Activity
- Visibility, correlation, automated response and remediation of network activity
- Machine Learning & Statistical Methodologies
- Machine learning and statistical methodologies to baseline normal behavior and incorporate real-time, actionable insights into irregular user behavior regarding business-critical data
- Unified data collection and analytics from diverse information sources including logs, performance metrics, security alerts and configuration changes
- Off-site backups of firewalls, emergency equipment replacement and rapid configuration modifications
True Owl will set up monitoring parameters and thresholds using its Virtual Server Agent. True Owl will monitor agent status, Windows services state, performance counters and Event Logs 24/7. In the event of an alert, a service ticket will be generated. Tickets will be categorized as Critical, High or Normal. Once a ticket is generated, True Owl will work to resolve the cause of the alert.
True Owl will conduct scheduled and Ad Hoc maintenance activities, including server reboots, services restarts, patch management, hardware and software audit reports and Exchange defragmentation. Scheduled server health checks will be conducted based on Microsoft Best Practices Analyzer.
True Owl will deploy Endpoint Protection on all servers.