Protect your online business assets with Threat Monitoring from UKFast. Our solution is built in house by the same security specialists who answer your support calls, so your business has never been more secure.
Threat Monitoring uses agents installed on each of your servers, which continuously analyse data to distinguish between potential security breaches and normal activity. It works to deliver the following services:
- Host-based Intrusion Detection and log file collation
- Vulnerability scans
- File integrity monitoring
- Rootkit detection
UKFast provide a default list of logs and events collected which can be customised for your environment on a discovery day with a UKFast security analyst. If any of the 2000 rules created are triggered, an alert will be sent to our internal security team and the appropriate action will be taken. Summary reports and detailed log files are available for analysis and compliance purposes.
What do the alerts look like?
Alerts are categorised into four levels;
Low level events are expected during day to day use. Low level events can vary from fail over events to Windows audit success / failures for Kerberos tickets. These events will be logged and reported for reference.
Normal events include user activity that is expected but is still monitored. These are events such as successful logins from IPs that are expected and during normal hours.
High level alerts may need immediate investigation, such as successful logins from unknown IP addresses and changes to user account permissions. These events should be infrequent and not ignored.
Critical alerts are indicators of a system compromise and need to be investigated immediately. Critical alerts could include successful logins after failed attempts, modifications to core system files, and modifications to payment gateway files.
Threat Monitoring with Response
Threat Monitoring is the first layer of monitoring and protecting your IT environment, and Threat Response ensures that threats are mitigated.
With Threat Response you get access to our dedicated security team who will respond and help mitigate your threat alerts with full transparency.
We will work closely with you to give full visibility of the mitigation approach, and implement this with your agreement.
|Feature||Threat Monitoring||Threat Monitoring
|Host-based Intrusion Detection|
|File integrity monitoring|
Why use Threat Monitoring?
Our Threat Monitoring system alerts you of any breaches to your IT in real time.
Minimise the chance of your data being stolen and defend your web applications.
Create bespoke rule sets for your monitoring solution.
Guaranteed 100% network up time, ensuring your business is always online
With Threat Response, threats to your infrastructure will be mitigated accordingly.
Detailed reports and live alerting through email, SMS and MyUKFast.
Zero compromise when securing your data
Threat Monitoring with Response is a key feature of PROsecure™, our comprehensive security suite combining the latest technology with in-house expertise to ensure that threats are identified, diagnosed and neutralised.