GuidePoint leverages Splunk and Crowdstrike to automate critical security operations for customers

Find more than just an MSSP; find a partner

Today, organizations are scrambling to find managed security services providers (MSSPs) who can combat the shortage of qualified cybersecurity personnel available. Enterprises that have moved operational components of their security programs to MSSPs (e.g. management of on-premise or cloud-based Security Incident and Event Management Systems (SIEM)), often express disappointment with the value that typical MSSPs provide. Because most traditional MSSPs consider it their core function to forward alerts at a certain threshold to the customer for treatment, widespread complaints by organizations are growing – claiming that noise emanating from their MSSPs require as much manpower as managing their SIEM in-house. As such, these MSSPs are not adequately addressing the needs of their customers.

GuidePoint Security focuses its solution development on addressing these needs. Instead of reworking a failed model, GuidePoint brings Advanced Security Operations to our customers through a combination of best-in-class practices and technologies. Instead of simply forwarding alerts from customer SIEM environments, GuidePoint’s vSOC managed security service validates every alert to ensure that each threat is real. By doing so before taking further action or alerting our customers, customers save time and resources in tracking down false-positives.

Leveraging its partnership with CrowdStrike and Splunk, GuidePoint’s vSOC recently developed the capability to automate critical security operations functions including detection, hunting and remediation. Together, the advanced capabilities of both the Splunk platform and Crowdstrike’s Falcon Platform, allow customers to trust GuidePoint’s vSOC (and their skilled analysts) to alert them once an incident has been detected, validated and remediated. This practice offloads these processes from our customers’ security teams and allows them to focus on other tasks requiring their unique context and expertise, providing real value to our customers.

Interested in learning more? GuidePoint Security has a booth at .conf2017: the 8th Annual Splunk Conference, in Washington DC, Sept. 25-28th. Drop by and see us at the conference for a live Advanced SecOps demo.

Stay tuned for future blog posts on the coming solutions GuidePoint’s vSOC uses to provide customers with Advanced Security Operations – virtually.

About GuidePoint Security

GuidePoint Security LLC provides innovative and valuable cybersecurity solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification is with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.

Author

Robert Vaile – GuidePoint Security’s Director for vSOC Product Development

GuidePoint Security’s vSOC and Prelert’s AD Strike Back Against DROWN

In a recent blog article titled, Star Wars X – Attack of the DROWNs: Machine Learning-based Anomaly Detection Detects the DROWN SSLv2 Vulnerability, Prelert announced the ability to detect Decrypting RSA with Obsolete and Weakened eNcryption (DROWN) attacks using machine-based learning through the Prelert Anomaly Detective (AD) tool. The widespread nature of the vulnerabilities related to DROWN means that it is highly likely there are still many vulnerable servers in the wild that could benefit from the watchful eye of Prelert AD operated by the trained network defenders of a managed security service like GuidePoint Security’s Virtual Security Operations Center (vSOC). vSOC leverages the power of Prelert’s AD to enhance the native detection capabilities of our Splunk-centric monitoring platform. The DROWN use case, in addition to many other co-developed use cases, provides vSOC with finely tuned anomaly detection that enables us to quickly identify, validate, and report critical security incidents to our customers. Stay tuned to the GuidePoint vSOC blog for other joint efforts and collaborative projects all focused on the protection of enterprise networks and data through advanced monitoring and hunting techniques.

About GuidePoint Security

GuidePoint Security LLC provides customized, innovative and valuable information security solutions and proven cyber security expertise that enable commercial and federal organizations to successfully achieve their security and business goals. By embracing new technologies, GuidePoint Security helps clients recognize the threats, understand the solutions, and mitigate the risks present in their evolving IT environments. Headquartered in Herndon, Virginia, GuidePoint Security is a small business, and classification can be found with the System for Award Management (SAM). Learn more at: www.guidepointsecurity.com.