The company Secterious (Eitan Freimovich and Rony Atias) and the company ShvoIT (Moshe Shvo) used their extensive experience as CISOs and penetration testers for a wide range of organizations to develop a managed and innovative SIEM SOC service. This service, designed specifically for small and medium-sized businesses, is based on strong open source technologies and is tailored to meet the unique security needs of each customer.
Our team, which boasts over 20 years of experience in cyber security and digital investigations, is made up of leading experts trained in leading cyber security companies and the IDF's elite cyber units. We operate according to a customized methodology, which provides a response not only to the immediate needs of your organization but also prepares him to proactively deal with future threats.
Understanding that the field of cyber security is constantly evolving, we undertake to keep our services updated according to the latest technological advances, to provide maximum protection for your organization.
By combining innovation, deep expertise and a personalized approach, we provide comprehensive solutions for security incident management. Our mission is to strengthen your organization's capabilities in detecting, responding to and preventing cyber attacks, and to ensure its stability in the face of evolving threats.
Reducing costs and improving security capabilities.
Promotes the ability to deal with threats in a more efficient and stable and timely manner.
Provides useful intelligence and indicators to protect against potential attackers.
Facilitates threat management and detection through an advanced SIEM system. When a cyber team is trained and available to you 24 hours a day
An advanced monitoring system that identifies and handles threats actively and proactively.
A professional and fast response team to cyber incidents and security losses.
Provides automatic vulnerability management that enables quick and efficient response to incidents.
Accompanies and adapts the service to the organization's needs.
The MITRE ATT&CK Matrix is a modular infrastructure that presents a wide set of attacking techniques used to achieve pre–defined objectives.
The tactics are classified by objectives in a matrix, which shows the process of an attack from the starting point to the final effect.
The extended version of MITRE ATT&CK for Enterprise addresses many environments, including Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS, Network, and Containers. The various tactics in which the attacks listed in MITRE ATT&CK can be used can be spear phishing, command and control, and credential dumping.
MITRE ATT&CK היא תשתית מודולרית המציגה סט רחב של טכניקות תקיפה המשמשות להשגתיעדים מוגדרים מראש.
הטקטיקות מסווגות לפי יעדים במטריצה, המציגה את תהליך ההתקפה מנקודת ההתחלה ועד האפקט הסופי.
הגרסה המורחבת של MITRE ATT&CK לארגונים נותנת מענה לסביבות רבות כגון:
Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS,
Network, Containers
הטקטיקות השונות בהן ניתן להשתמש בהתקפות המפורטות ב- MITER ATT&CK יכולות להיות:
spear phishing, command and control, and credential dumping
Gathering information about the target for planning future operations
Establishment of resources to support operations, which includes the establishment of a command and control infrastructure
An attempt to enter the network, such as phishing
Running malicious code, such as running a remote access tool
Changing formations and maintaining the foothold of the attackers
an attempt to obtain privileges at a higher level
an attempt to obtain privileges at a higher level
The use of trusted processes to hide malware
Stealing identical data and account passwords
investigation and perception of the opponents' environment
Using normal credentials to move between systems
Access and collection of relevant data for the purpose of an attack
Communication with affected systems for the purpose of control
Stealing data from the affected network
Activation, disruption or destruction of systems and data
An advanced and unified enterprise SIEM monitoring platform provides a comprehensive solution for persistent cyber threats and end-to-end hardening of enterprise systems.
The system is suitable for local, cloud and hybrid environments and guarantees comprehensive protection in the field of information security.
Especially in light of the transition to a routine of war, these areas are being re-invigorated due to the new challenges that include new attacks, vulnerabilities and weaknesses that are published daily.
This is a critical component that allows the organization to continue to function in a continuous business manner, when the SIEM platform supports a SOC system that operates 24/7 by the talented analysts working in a FLAT TIER configuration (also know how to identify and operate) even in emergency situations.
DREM Hybrid Cloud Observability is a modular, scalable and easy-to-implement system that provides full monitoring of all the organization's infrastructure – endpoints, servers, switches, storage arrays, existing security solutions, Office 365 and more.
DREM's monitoring platform provides advanced control capabilities, smart monitors, hardening and anomaly detection, and enables proactive detection of attack attempts or cyber incidents at all layers of the organization's network.
© Copyright 2024, DREM. All rights reserved
Automated page speed optimizations for fast site performance