The COVID-19 pandemic changed how we work across the globe. The traditional shared office transformed and for many a home office and a virtual workplace is the new norm. With entire organisations meeting via video teleconferencing and messaging tools such as Zoom, Slack, Microsoft Teams, and Google Hangouts, the cloud is busier than ever, making cloud security more important than ever.
In the public cloud, there’s a division of responsibility between the Cloud Service Provider (CSP) and the user (you). Security for things like data classification, network controls, and physical security need clear owners. The division of these responsibilities is known as the shared responsibility model for cloud security. In its simplest interpretation CSPs are responsible for security “of” the cloud, while customers are responsible for security “in” the cloud.
As more IT infrastructure and applications operate in the cloud, security teams need to understand the controls to protect it and gather appropriate data to monitor it. Talion’s Managed Detection & Response (MDR) service ingests the relevent security event and log data from your cloud provider and associated services; AWS, Azure, Google Cloud and many more, and monitors this environment 24×7 for suspicious activity.
At the heart of our MDR service is our threat-led process that focuses on understanding the customer’s business, what’s important to them and the threats they face.
We create, hone and maintain threat use cases to ensure we defend against what matters to our customers. This methodology is equally applied to cloud, hybrid and on-premise networks and the threats they face. We build rule and playbook content to detect these threat use cases, and in the case of playbooks, enrich and orchestrate a response, whether that be actionable recommendations, manual actions or automated remediations.
Our process of improving detection and response is iterative, ongoing and threat-led. A new event source, on-premise or cloud-based, may provide data that no previous source did, opening doors to detect different Indicators of Compromise (IoCs) and therefore additional or more sophisticated threat use cases.
We pride ourselves on staying ahead of the threat. The MDR service is underpinned by our expert Threat Intelligence team. We work with multiple customers managing workloads across multiple cloud vendors and we operate a ‘Benefit One, Benefit All’ system. You will benefit from the lessons learnt across all our customers, as well as the detection content and playbooks that we have built to deal with a wide array of threat use cases.
Call us directly and we’ll put you in touch with the most relevant cyber expert.
Not currently free to call? Give us a brief description of what you’re looking for by filling out our form and we’ll email you as soon as we can.
Thought-provoking cyber security discussion at Michelin-star restaurants across the UK.
