Cyber-threat monitoring & detection

Protect your business with real-time cyber-threat monitoring

Endpoint Detection & Response - Intrusion detection system (IDS) with real-time alerts

UKFast blocked more than 14.4 million cyber-attacks on our clients' solutions in 2019. Read the full report for 2019.

The ever-evolving cyber-threat landscape is rapidly expanding, with cyber-attacks increasing in volume, sophistication and severity. Now is the time to implement the right security features for your business. You cannot afford to be left open to attack.

UKFast Threat Monitoring uses SIEM technology to provide your business with real-time visibility over your infrastructure, ensuring attacks are detected and prevented to keep your business data safe at all times.

Built to meet high compliance standards, Threat Monitoring detects all activity across your solution, including servers, VMs and applications, providing you with an overview of any threats and vulnerabilities that put your business at risk.

By combining host-based intrusion detection, file integrity monitoring, intelligent blocking and vulnerability scanning and remediation from our in-house team, we improve the security of your infrastructure to mitigate the impact of a devastating cyber-attack.

Add UKFast's intrusion response service - Threat Response - to Threat Monitoring for immediate access to expert engineers who will minimise the effects of damage caused in a successful data breach.

What is SIEM technology?

Security Information and Event Management (SIEM) gives you real-time IDS visibility of cyber-threats through your MyUKFast dashboard. Develop a greater understanding of what threatens your monitored servers now.

  • The Source of Attacks

View a map detailing the geographic source of events.

  • Critical File Changes

See any critical file changes made in your dashboard overview to ensure you are immediately aware of suspicious activity.

  • Events Over Time

Get graphical views of the number of events that have occurred over time.

  • Targeted Servers

Discover which servers are generating the most events.

  • Customise

See statistical views and data, with the ability to choose the graphs and stats you want on your dashboard.

Virtual Desktop Infrastructure

Intelligent Blocking

IP addresses believed to be attacking a host are automatically blocked to prevent against threats, such as:

  • Brute force attacks
  • Remote code injection
  • Cross-site scripting

As UKFast's intelligence feed grows, you can be assured that known malicious IP addresses are blocked before any attempt to breach your infrastructure can occur.

Speak to a Threat Monitoring specialist to find out more today.

Speak to a specialist

File integrity monitoring

Changes made to your infrastructure can impact its security and leave it extremely vulnerable to malicious actors. Being unaware of these changes can introduce weaknesses in your defences, or even worse, leave you unaware of an undetected attack that is stealing your sensitive data. By using file integrity monitoring, real-time alerts will be generated if your critical files ever change.

These alerts will provide you with information of the file changed, the user who changed the file, and the contents of the files changed, giving you the visibility of whether changes made are a threat to your infrastructure. These changes may be carried out by a cyber-attacker or a member of your in-house team; it is vital to remain vigilant when 80% of attacks are down to human error.

Vulnerability scanning

Threat Monitoring includes the ability to run two types of vulnerability scan against your protected servers. These scans look for known common vulnerabilities and exposures (CVE) on your solution and return a report detailing any found, along with their degree of severity.

On-Demand Scanning

Run when you want, however often you want, immediately or schedule out of hours. View the results then run again once your system is patched to confirm it is secure.

Comprehensive Reporting

Each scan generates a report listing any found vulnerabilities, in order of severity, with remediation suggestions for many vulnerabilities for system administrators to action. View online or download as PDF.

External Scanning

These scans run from outside your network, with no credentials or special access, to give you an idea of what general public internet traffic could view or expose.

Internal Scanning

Through agents installed on your monitored servers, the internal scan checks for vulnerabilities on devices that the external scan may not be able to access.

PCI Compliance

These scans can be used to help with PCI DSS requirements, specifically for those who need to comply with SAQ A-EP, and SAQ-D. Speak to your account manager for more information.

Find out more about Threat Monitoring and how it can protect your business

Discover how Threat Monitoring blocked a staggering 1.5 million attacks in the first 10 weeks of 2019 and what types of sophisticated attacks your business needs protecting against today.

Threat Monitoring with Threat Response

Threat Monitoring is the first layer of monitoring and protecting your IT environment. Couple this with our bleeding-edge Threat Response and you get instant access to our dedicated security team who will provide insights into activity carried out within your environment, and immediately address vulnerabilities and threats to keep your business assets safe.

We're here to support you 24/7/365 and are an extension of your IT team! We work closely with you to improve the security of your solution over time and provide remediation to any incidents detected.

Feature Threat Monitoring With Response
Threat Alerts
Host-based Intrusion Detection
Vulnerability scans
File integrity monitoring
Rootkit detection
Proactive Response
Mitigation Advice
Fix Implementation
Crown Commercial Service
Cyber Essentials
Carbon Neutral
ISO 9001
ISO 27001

Certifications and Industry Compliance

Your solution is only ever housed in our government and ISO-certified, ultra-secure data centres managed by security cleared personnel. And as an exclusively UK-based company, hosting with UKFast offers guaranteed data sovereignty. UKFast is a government approved supplier through the G-Cloud 12 framework.