Sales
0161 215 3700
0800 458 4545
Support
0800 230 0032
0161 215 3711

Threat Monitoring

Threat Monitoring uses agents installed on each of your servers, which continuously analyse data to distinguish between potential security breaches and normal activity. It works to deliver the following services:

  • Host-based Intrusion Detection and log file collation
  • Vulnerability scans
  • File integrity monitoring
  • Rootkit detection

UKFast provide a default list of logs and events collected which can be customised for your environment on a discovery day with a UKFast security analyst. If any of the 2000 rules created are triggered, an alert will be sent to our internal security team and the appropriate action will be taken. Summary reports and detailed log files are available for analysis and compliance purposes.

What do the alerts look like?

Alerts are categorised into four levels;

LOW

Low level events are expected during day to day use. Low level events can vary from fail over events to Windows audit success / failures for Kerberos tickets. These events will be logged and reported for reference.

NORMAL

Normal events include user activity that is expected but is still monitored. These are events such as successful logins from IPs that are expected and during normal hours.

HIGH

High level alerts may need immediate investigation, such as successful logins from unknown IP addresses and changes to user account permissions. These events should be infrequent and not ignored.

CRITICAL

Critical alerts are indicators of a system compromise and need to be investigated immediately. Critical alerts could include successful logins after failed attempts, modifications to core system files, and modifications to payment gateway files.

Threat Monitoring with Response

Threat Monitoring is the first layer of monitoring and protecting your IT environment, and Threat Response ensures that threats are mitigated.

With Threat Response you get access to our dedicated security team who will respond and help mitigate your threat alerts with full transparency.

We will work closely with you to give full visibility of the mitigation approach, and implement this with your agreement.

Feature Threat Monitoring Threat Monitoring
with Response
Threat Alerts
Host-based Intrusion Detection
Vulnerability scans
File integrity monitoring
Rootkit detection
Proactive Response
Mitigation Advice
Fix Implementation

Why use Threat Monitoring?

Early Detection

Our Threat Monitoring system alerts you of any breaches to your IT in real time.

Protection

Minimise the chance of your data being stolen and defend your web applications.

Flexibility

Create bespoke rule sets for your monitoring solution.

Always Available

Guaranteed 100% network up time, ensuring your business is always online

Mitigating Alerts

With Threat Response, threats to your infrastructure will be mitigated accordingly.

Visibility

Detailed reports and live alerting through email, SMS and MyUKFast.

Zero compromise when securing your data

Threat Monitoring with Response is a key feature of PROsecure™, our comprehensive security suite combining the latest technology with in-house expertise to ensure that threats are identified, diagnosed and neutralised.
Explore PROsecure™

Speak to a Security Specialist

Call 0800 458 4545 or Get in Touch