Aug 09, 2017

Malicious Threat Detection (MTD) Services - Proof of Concept (POC)

  • Effective immediately - spot malicious threats immediately
  • Maximum 2 weeks

1. Summary

This document describes the requirements and needs for the successful execution of a RedSocks Malicious Threat Detection Proof of Concept (PoC). This document is also intended to set the expectations of the PoC according to the capabilities of the RedSocks Solutions.

1.1 Proof of Concept

The RedSocks MTD PoC is intended for a customer who wishes to experience the operations and effectiveness of the appliance in a live environment. Because every environment has different characteristics and operational specifications, there is a need for information about those specifics. This document describes the need for this information. A Proof of Concept usually only encompasses one (1) RedSocks Malicious Threat Detection (MTD) and one (1) probe (hardware or virtual appliances).

1.2 RedSocks solution management overview

RedSocks is specialized in detecting and fighting malware. This 100% Dutch company provides the RedSocks Malicious Threat Detection (MTD) as a network appliance. This innovative appliance analyses digital traffic flows in real-time on the basis of lists of malicious indicators and algorithms compiled by the RedSocks Malware Intelligence Team. The members of this team are highly experienced specialists in finding new threats on the Internet and translating them into state-of-the-art malware detection. The RedSocks appliance detects malware, malicious behavior and potential data leakage in network traffic, and in doing so provides an effective solution for a healthy network and safer IT facilities for an efficiently operating organization.

1.3 Confidentiality

RedSocks recognizes the confidentiality level of the details requested in this document. As such, this document is only intended for use by RedSocks and the customer, and only for the purpose of the PoC. The contents and scope of this document will never be shared in any form (digital, in print, writing or any other form) without explicit written permission from the customer.

1.4 RedSocks End User License Agreement

When conducting a Proof of Concept, the customer agrees with all the terms and conditions of the RedSocks EULA with respect to this product and the use of this product – please refer to appendix A.


2. Required Information

The following forms contain the information required by RedSocks to successfully plan, implement and evaluate the PoC. The information provided will assist RedSocks in identifying key dates, contacts and technical specifications. When the customer has any documentation he/she considers important and valuable in the successful execution of the PoC please attach it / them at the bottom of this document.

Please fill in all fields marked

2.1 PoC Success Criteria

Please provide success criteria and/or use cases on which the RedSocks will be evaluated during the PoC. Some examples are:

1) Ability to detect P2P connections
2) Detection of outgoing malware connection
3) Ability to send syslog information to a central syslog server
4) Detection of TeamViewer and ability to whitelist this traffic
5) Ability to pinpoint infected system
6) Time needed for system management
7) Usage of external storage
8) E-Mail alerting
9) Syslog configuration
10) Reporting on …
11) Role Based Access Control (RBAC) / DPO Analysis
12) Data Retention

2.2 Virtual Appliances 

RedSocks offers virtual appliances. More details with regard to the requirements are provided in this paragraph and in the manuals. Please select the preferred implementation:

Virtual MTD      | Minimal System Requirements | Recommended System Requirements
VMware software  | VMware ESXi 5.1 & higher    | VMware ESXi 5.1 & higher
Storage capacity | 140 GB                      | 140 GB
CPU cores        | 4                           | 8
Memory           | 8 GB                        | 8 GB

Virtual Probe    | Minimal System Requirements | Recommended System Requirements
VMware software  | VMware ESXi 4.1 & higher    | VMware ESXi 4.1 & higher
Storage capacity | 15 GB                       | 15 GB
CPU cores        | 2                           | 4
Memory           | 4 GB                        | 8 GB

Asia Pacific service contact

Mr. PHILIP


RedSocks Security is specialised in detecting malicious network behaviour and combatting cybercrime. By combining Machine Learning, Artificial Intelligence and Cyber Threat Intelligence, RedSocks Security provides non-intrusive, real-time breach detection solutions and incident response services. Our solutions are implementable within organisations of all sizes, and serve as a tool of continuous organisational network monitoring. RedSocks Security offers the RedSocksMTD® as a virtual or hardware network appliance. This innovative, scalable solution analyses outgoing network traffic flows (e.g. Netflow, IPFIX) in real-time, based on algorithms and lists of malicious indicators, helping organisations detect digital threats and APTs faster.

By using the RedSocksMTD® solution, organisations can automatically and accurately identify hidden infections and accelerate incident response. In addition, the appliance can be used as a compliance tool, since RedSocks Security implements forensic-grade data storage methods.

Using RedSocks Security solutions as methods of threat detection allows an organisation's Security and Data Protection Officers to maintain the forensic validity of their data even when data is stored on external systems.

For more information please visit: www.redsocks.eu
