Maintain constant, quiet, watch-FULL, view of your enterprise. Continuously monitor key technical and human resources. Monitor vendors, partners, affiliates, and potential merger/acquisition targets. Examine, investigate, and visualize your enterprise in EXACTLY the same way that a potential threat actor would do.

Merriam-Webster defines “vigilance” as

the quality or state of being vigilant.”

Merriam-Webster defines “vigilant” as being

“alertly watchful especially to avoid danger.”

Our Due Vigilance service is very smart business. Sophisticated threat actors are moving their attacks upstream in the value chain. In order to compromise your enterprise, attackers increasingly first look to exploit a technical vulnerability, policy weakness, misconfiguration, or human error in a partner, vendor, supplier, or service provider you rely heavily on to do business or perform your mission.

Threat actors are well aware of the fact that your vendors, suppliers, partners, and others may have, out of necessity, login credentials or other privileged access to your systems. These privileges may include, Virtual Private Network (VPN), Remote Desktop Protocol (RDP), Cloud Storage, file management systems, industrial control systems, and many others. Threat actors work hard to identify and map these key enterprise relationships. 

How IT Works

1
Discovery

Discovery involves the deployment light-weight agents to search for and identity network devices and endpoints. The devices include workstations, laptops, mobile devices, servers, printers, routers, switches, printers, virtual servers, IoT devices, and cloud-based assets. Discovery seeks to identify rogue, unauthorized, employee- or vendor-owned Bring Your Own Device (BYOD).

2
Protection

Protection involves the implementation of policy and the deployment of resources intended to minimize the risk of a cybersecurity event. Protection is a continuous effort to minimize, and whenever possible, eliminate the risk of a cybersecurity event.

3
Detection

Detection involves the implementation of policies and procedures in order to facilitate the timely detection of cybersecurity events. These policies and procedures define the human, hardware, and software resources deployed for the timely, continuous, and near real-time detection of cybersecurity events.

4
Response

Response involves the implementation of policies and procedures necessary to react in a timely, effective, and collaborative manner to a cybersecurity event. Response is the rapid mobilization, coordination, and deployment of human and technical resources to contain and resolve cybersecurity events.

5
Recovery

Recovery involves the implementation of policies and procedures necessary to restore from damage resulting from a cybersecurity event. Recovery seeks to empower the enterprise to rapidly restore, replace, or repair lost data, services, and processes.