Managed Solutions
Managed Security Solutions
Managed Detection and Response
Advanced threats can always challenge and evade legacy network security technologies like firewalls. With our managed detection and response service, we Identify network intrusions which requires full monitoring of all traffic as it enters and leaves your network, as well as how it traverses your network internally.
Service Overview
Quickly Track & Respond To Suspicious Activity In Your Network Traffic
Our security operations team uses the latest network monitoring and intrusion detection (IDS) technologies to track suspicious traffic inside your network, and quickly determine malicious intent. This service is known as Managed Detection And Response. When a malicious presence is identified, containment processes are in place to nullify the threat before any harm is caused.
Advanced threats can always challenge and evade legacy network security technologies like firewalls. Identifying network intrusions requires full monitoring of all traffic as it enters and leaves your network, as well as how it traverses your network internally. This is a necessity for any security team, making it possible to spot suspicious activity such as lateral movements during data exfiltration and the proliferation of malware.
I feel like their people truly "dig in" and try to find any issues that need patching or remediation. They do it in a non-condemning way, and always look to help us get through the remediation in the safest, fastest and secure way possible.
For 2018 there was no question who we would engage to help us get through the process. They were excellent and the process was easier the second time around.
The Definitive Guide To SOCaaS
Classification
Bricata delivers powerful network understanding, threat detection, and threat hunting capabilities in a tightly-integrated, seamless platform built for ease-of-use, deployment, and management.
The table below sets forth the methodology utilized by MegaplanIT’s security engineers and analysts in triaging, evaluating, and addressing customer problems related to the functionality of Bricata products. Classification will be determined at MegaplanIT’s sole discretion based on factors, including input obtained from the customer.
Classification | Criteria |
|---|---|
High | Problem affects time-critical applications with production work substantially degraded. Software is completely unusable and no known workaround is currently available. The affected system is a necessary component of the customer’s production process. |
Medium | Software significantly impaired such that customer’s key business processes cannot be conducted and no known work-around is currently available. |
Low | Software is functional; however there is minimal impact to the customer’s ability to use the software for production purposes. |
Response Expectations
In the event that an error is discovered in Bricata’s software that causes the software not to operate in conformance with the published specifications or applicable documentation, the customer must provide a reasonable description of the problem or error to MegaplanIT’s support team and propose a classification of the severity based on the problem classification table above and all additional data as specified herein. MegaplanIT will acknowledge the notice with a ticket number (“ticket”) and make commercially reasonable efforts to assign appropriate assets to resolve the problem as specified in the response expectation table.
The following Response Table specifies response targets that will be assigned to a customer problem at each step of the process, based on the severity classification assigned to the problem. MegaplanIT will use commercially reasonable efforts to resolve customer tickets in the estimated time frames set forth below.
Classification | Tier 1 | Tier 2 | Tier 3 |
|---|---|---|---|
High | One Hour | Continuous effort | Continuous business-day effort |
Medium | Four- to six-hour response time | Continuous business-day effort | Worked on a time-available basis |
Low | Response by next business day | Worked on a time-available basis | Worked on a time-available basis |
Tier 1
Involves the acknowledgment of a customer’s problem and the initiation of the information gathering process.
Tier 2
Involves active problem resolution. The goal of the problem resolution process is to provide relief from the reported problem, as quickly as possible, through a temporary patch, correction, or work-around, and thereafter, to identify and provide a durable solution.
Tier 3
Involves ongoing problem resolution. MegaplanIT will use commercially reasonable efforts to identify and provide a durable solution.
Key Benefits of MegaplanIT's Managed Detection And Response
Enriched Network Metadata
Perfect-Fidelity Smart PCAPs
Stateful Anomaly Detection
Network Metadata-to-PCAP Linking
AI Binary Inspection for Zero-Day File Inspection
Open APIs for Sharing with Other 3rd Party Tools
Deep Packet Inspection Signature Matching
Context-sensitive Auto-generated Queries
Intuitive GUIs and Expert-system Workflows
Received Prioritized Alerts
Packet Dropping
Hash Generation and Forensic Evidence Export
Unleash The True Power Of Your Managed Security Solutions
Our 24/7 Security Operations Center provides always-on threat hunting and investigation capabilities and a member of our team is always available to answer your questions and address any security concerns. Best of all, you get full visibility of your threat landscape, so you can see active threats against your environment in real-time.
Industry Leading Certified Experts
Managed Security, Managed Compliance, and Security Consulting all under one roof make us the leader in asset protection.
When You Work With MegaplanIT
Discover the fast and cost-effective security services backed by our experienced and certified professionals.
Chief Technology Officer
Payments and Software Company
For 2021 there was no question who we would engage to help us get through the process. They were excellent and the process was easier the second time around.
Our Security Consultant was extremely well organized, knowledgeable , personable and responsive. Our IT Director was extremely satisfied. I shopped for year one and MegaplanIT was the most reasonable and all-encompassing and you felt they were in it for a long term relationship. Do not hesitate to hire MegaplanIT they are very approachable and responsive. I heartily recommend them
CEO
Travel Related Technology and Payment Solutions
CEO
Payment Technology Merchant Acquirer
From sales to the final report (and everything in between), working with MegaplanIT has been a pleasure. Their vast PCI knowledge, along with their fast response times far exceeded my expectations. They truly understand PCI, and how that applies to our virtual environment. They are a great partner, and always try to make themselves available when we need them. A truly professional and dedicated team!
Make Our Team, Your Team!
Our innovative IT security and compliance solutions are designed to deliver customized, cost-effective service on time—because your priorities are our priorities. With a highly qualified team of PCI-DSS QSAs, Penetration Testers, and Information Security Consultants here at MegaplanIT, we will assess your unique company and business environment and design a path to security that will fit all of your needs.
Log Collection
Logs are collected from event sources (such as servers, switches, routers, operating systems, and firewalls) throughout the IT environment of your organization. The logs are then forwarded to other Security Analytics devices, where they are stored as metadata for use in investigations and reports.
Compliance Monitoring
Our monitoring tool assesses your adherence to your organization’s policies and procedures, governing activities that pose compliance risk to your business and helps the business effectively manage risks on an ongoing, real-time basis.
Log Retention
Our log retention service provides full lifecycle management of your chosen log retention technology, assuring that your log retention tool will allow you to achieve and/or maintain your PCI-DSS, FISMA or HIPAA compliant status.
Incident Response
Our IR Plan encompasses the six key phases that are defined in NIST-SP 800-61: Preparation, Detection, Containment, Investigation, Remediation, Recovery
Managed SIEM
Utilizing our managed SIEM tool allows your organization to effectively allocate your IT staff, allowing them to focus on core business needs and new projects while providing peace of mind, knowing that your environment is efficiently managed and constantly monitored for any compromise.
Event & Intelligence Correlation
Regardless of whether the events are associated with end-user experience, business processes, application performance or technology performance, effective event correlation will pinpoint the specific cause of any event storm.