Malicious Threat Detection (MTD) Services - Proof of Concept (POC)
- Effective immediately - spot malicious threats immediately
- Maximum 2 weeks
This document describes the requirements and needs for the successful execution of a RedSocks Malicious Threat Detection Proof of Concept (PoC). This document is also intended to set the expectations of the PoC according to the capabilities of the RedSocks Solutions.
1.1 Proof of Concept
The RedSocks MTD PoC is intended for a customer who wishes to experience the operations and effectiveness of the appliance in a live environment. Because every environment has different characteristics and operational specifications, there is a need for information about those specifics. This document describes the need for this information. A Proof of Concept usually only encompasses one (1) RedSocks Malicious Threat Detection (MTD) and one (1) probe (hardware or virtual appliances).
1.2 RedSocks solution management overview
RedSocks is specialized in detecting and fighting malware. This 100% Dutch company provides the RedSocks Malicious Threat Detection (MTD) as a network appliance. This innovative appliance analyses digital traffic flows in real-time on the basis of lists of malicious indicators and algorithms compiled by the RedSocks Malware Intelligence Team. The members of this team are highly experienced specialists in finding new threats on the Internet and translating them into state-of-the-art malware detection. The RedSocks appliance detects malware, malicious behavior and potential data leakage in network traffic and in doing so provides an effective solution for a healthy network and safer IT-facilities for an efficiently operating organization.
RedSocks recognizes the confidentiality level of the details requested in this document. As such this document is only intended for the use by RedSocks and the customer and only for the purpose of the PoC. The contents and scope of this document will never be shared in any form (digital, in print, writing or any other form) without explicit written permission from the customer.
1.4 RedSocks End User License Agreement
When conducting a Proof of Concept the customer agrees with all the terms and conditions of the RedSocks EULA in respect to this product and the use of this product – please refer to appendix A.
2. Required Information
The following forms contain the information required by RedSocks to successfully plan, implement and evaluate the PoC. The information provided will assist RedSocks in identifying key dates, contacts and technical specifications. When the customer has any documentation he/she considers important and valuable in the successful execution of the PoC please attach it / them at the bottom of this document.
Please fill in all fields marked
2.1 PoC Success Criteria
Please provide success criteria and/or use cases on which RedSocks will be evaluated during the PoC. Some examples are:
1) Ability to detect P2P connections
2) Detection of outgoing malware connection
3) Ability to send syslog information to a central syslog server
4) Detection of Team Viewer and ability to whitelist this traffic
5) Ability to pinpoint infected system
6) Time needed for system management
7) Usage of external storage
8) E-Mail alerting
9) Syslog configuration
10) Reporting on …
11) Role Based Access Control (RBAC) / DPO Analysis
12) Data Retention
2.2 Virtual Appliances
RedSocks offers virtual appliances. More details with regards to the requirements are provided in this paragraph and in the manuals. Please select the preferred implementation:
|Virtual MTD|Minimal System Requirements|Recommended System Requirements|
|---|---|---|
|VMware software|VMware ESXi 5.1 & higher|VMware ESXi 5.1 & higher|
|Storage capacity|140 GB|140 GB|
|Memory|8 GB|8 GB|

|Virtual Probe|Minimal System Requirements|Recommended System Requirements|
|---|---|---|
|VMware software|VMware ESXi 4.1 & higher|VMware ESXi 4.1 & higher|
|Memory|4 GB|8 GB|
Asia Pacific service contact
RedSocks Security is specialised in detecting malicious network behaviour and combatting cybercrime. By combining Machine Learning, Artificial Intelligence and Cyber Threat Intelligence, RedSocks Security provides non-intrusive, real-time breach detection solutions and incident response services. Our solutions are implementable within organisations of all sizes, and serve as a tool of continuous organisational network monitoring. RedSocks Security offers the RedSocksMTD® as a virtual or hardware network appliance. This innovative, scalable solution analyses outgoing network traffic flows (e.g. Netflow, IPFIX) in real-time, based on algorithms and lists of malicious indicators, helping organisations detect digital threats and APTs faster.
By using the RedSocksMTD® solution, organisations can automatically and accurately identify hidden infections and accelerate incident response. In addition, the appliance can be used as a compliance tool since RedSocks Security implements forensic-grade data storage methods.
Using RedSocks Security solutions as methods of threat detection allows an organisation’s Security and Data Protection Officers to maintain the forensic validity of their data even when data is stored on external systems.
For more information please visit: www.redsocks.eu