DIGICISO

In today's complex, global environment for business operations, DIGICISO can persistently monitor the information environment and provide critical situational awareness. Using AI/ML technologies, DIGICISO minimizes the "human" requirement and implements processes and technologies to provide industry-leading cyber defense and integrated threat management.

The traditional Managed Security Services (MSS) model uses signature-based network security tools such as intrusion detection and prevention systems (IDS/IPS) and security events (antivirus alerts, firewall denies, etc.) to detect attacks based on known patterns and attack vectors. The DIGICISO service takes a new approach to managed security by automating much of the traditional MSS model through its Intelligent Threat Platform (ITP), which allows analysts to spend their time doing advanced network hunting for threats that can circumvent traditional security controls.

Key Differentiators

All data stays within the customer environment.

The DIGICISO model leverages secure, isolated Virtual Desktop Interfaces (VDIs) for each of our customers, which are logically separated from all other client organizations and wiped on disconnect. By using this infrastructure, our service ensures that all data stays within the client's environment. By leveraging the client's current or on-premises DIGICISO security toolset, there is no forwarding of any logs/events from the client enterprise – we ensure that client organizations maintain control over their most sensitive security data.

Advanced analytics.

Built-in intelligence using AI and ML enables User and Entity Behavior Analytics (UEBA) for effective identification of, and remedial action on, low-and-slow incidents.

Universal Dashboard.

The proprietary Universal Dashboard collects data from all sources, even those that have only a UI intended for human users.

Capture Analyze Report.

With the proprietary CAR ("Capture Analyze Report") framework, the system provides analysis and reports from any system on the network. Extensive out-of-the-box and customizable reports and analytical dashboards give precise insights that help manage security posture much better.

Service Integration.

We consider our service a collaborative security service, meaning that our automation in reporting and process allows us to align with each client completely and efficiently. This is identified and integrated into the service during the activation phase.

Active advanced detection and threat "hunting".

We hunt on a 24x7x365 basis through a combination of our Intelligent Threat Platform (ITP), automation, and a 24x7 SOC that provides advanced monitoring, protection and investigation of cyber incidents.

Insider Threat Mitigation.

Combine policies, training and endpoint monitoring to address insider threats, whether malicious or unintentional, while balancing privacy with protection.

Auto alerts

Automatically generates alerts on suspicious behavior by applying analytics and by leveraging external threat intelligence fused with internally collected security data.

Full-text event search

Using a combination of machine data, logging mechanisms, and NLP.

When events of interest are identified, DIGICISO collects the relevant metadata from the security platform, applies a risk score, and presents the event in a secure web portal on the DIGICISO server. The risk score is an aggregate score derived from confidence (i.e., trustworthiness of the matched indicators, source, and metadata) and severity (i.e., expected impact of a confirmed threat) values. Virtual Security Operations Center (VirSOC) analyst teams investigate the events of interest and log their findings and recommendations in DIGICISO's embedded ticketing system.

Client analysts and incident responders have full access to DIGICISO's investigation and ticketing workflows. In support of client management teams, DIGICISO provides multiple dashboards that report on platform results and analyst reports.

DIGICISO covers all domains of information security

Internal
  • Firewall
  • IDS
  • IPS
  • SIEM
  • WAF
  • NAC
  • IAM / SSO / RBAC
  • Vulnerability management
  • Data classification
  • Netflow
  • Net monitoring
  • IT Assets management
  • DLP
  • Honey pot
  • Proxy / Content filtering
  • Endpoint protection
  • Threat monitoring and detection
  • Risk Management
  • Information Security Awareness training
  • Incident management and response
  • Security Operating Centre
  • Metrics
  • Compliance – ISO 27001 / 27031 / PCI / NIST / SANS TOP 20 / ISO 22301
External
  • Digital monitoring - Anti Phishing, Social Media Monitoring, Mobile Application Monitoring, Domain Name Monitoring
  • DMARC implementation - to prevent Email Spoofing
  • User simulation platform to train internal users and customers on the dangers of Phishing attacks
  • News feed Monitoring - Platform to aggregate data from social media and news sources affecting your brand, along with semantic analysis which allows you to collect the opinions of your consumers and the general public. This data is invaluable for the analysis of marketing campaigns.
  • Security reports - open source community intelligence command and control reports, exploit kit identification, blacklists, APT tagged domains, suspicious proxies and others
  • Threat intelligence - By combining threat intelligence from multiple sources along with independent insights from our honeypots and in-house research, we bring data points that work for the customer
Analytics
  • Extensive reporting - Extensive out of the box and customizable reports, Analytical dashboards for precise insights that help better manage security posture
  • Full-text event search - Using a combination of machine data, logging mechanisms, NLP
  • Incidents are detected and classified using an in-house developed AI/ML algorithm.
  • Distributed intelligence - Data is collected from different sources, such as mail servers and web servers, to proactively prevent attacks.
  • Pre-emptive action against approaching threats - with our SOC operating 24x7, effective measures are pushed as soon as they are discovered.
  • User and Entity Behavior Analytics - User and entity behavior analytics (UEBA) use supervised and unsupervised machine learning techniques to detect anomalous behaviors and find attackers without up-front configuration. Supervised learning models, trained on large volumes of real-world data, are applied to quickly surface indicators of compromise that would otherwise remain undetected. DIGICISO's unsupervised machine learning models ensure that the system is self-learning, continually adapting and accurately identifying anomalies even as attacks evolve.
User Training
  • Information Security awareness portal - A feature-packed platform with 30+ topics, 30+ infographics, multilingual and role-based content, portal analytics for user awareness training, and testing for the effectiveness of training.