shield - Cyber Security

Your network is under attack right now.

SECURITY OPERATIONS and INCIDENT RESPONSE PLATFORM

Today, organizations utilize numerous security products; most are standalone, complex, and too slow to catch modern-day attacks. Hackers are also relying more on “living-off-the-land” strategies: leveraging existing IT technologies and user accounts for malicious purposes. As a result, detecting and analyzing hacker tradecraft often takes significant time, technical expertise, and resources. Shift-IT’s SHIELD Cyber Security provides an operations and incident response platform that is a gamechanger; it excels at monitoring and catching modern hacking tradecraft, delivering real-time alerts, and allowing for immediate threat response.

SHIELD enables security teams to quickly identify modern hacking tradecraft and take immediate response.

KEY BENEFITS:

  • PATENTED LATERAL MOVEMENT DETECTION
  • THREAT HUNTING CAPABILITIES
  • REAL-TIME THREAT DETECTION AND RESPONSE
  • REPORTING AND COMPLIANCE MODULE
  • INTEGRATED NONTRADITIONAL IT ASSET
  • VISIBILITY AND THREAT DETECTION
    – Internet of Things (IoT)
    – Operational Technology (OT)
    – Building Automation Systems (BAS)
    – Industrial Control Systems (ICS)

Capabilities

Live Asset Visibility

Multi-point Threat Detection

Lateral Spread Detection

Privileged Account Monitoring

Immediate Threat Response

Remote Access Monitoring

Insider Threat Visibility

3rd Party Integrations

Risk and Compliance Reporting

24/7
365 DAYS A YEAR

CONTINUOUS CYBER PROTECTION AGAINST EMERGING THREATS

Shift-IT’s SHIELD Cyber Security Managed Detection and Response (MDR) service provides 24/7/365 coverage so your organization can focus on other priorities. Let Shift-IT’s experienced MDR team monitor, actively hunt, and respond to real-time threats using its SHIELD platform.

WHAT IS MDR?
The next generation of managed security service with a focus on real-time threat detection, threat hunting, and active response.

WHY MDR?
Prevention and perimeter protection is no longer sufficient to detect and stop cyberattacks. Neither is expensive, resource-intensive log analysis. Finally, organizations need response, not just recommendations.

“IT security leaders should use managed detection and response (MDR) services to augment existing security monitoring capabilities to address gaps in advanced threat detection and incident response before investing in more security monitoring tools (e.g., security information and event management [SIEM], network, and host-threat detection), and associated staff and expertise.”
Gartner, “Market Guide for Managed Detection and Response (MDR) Services”, May 2016, Bussa. Lawson, Kavanagh

MDR TEAM

  • Senior Cyber Security Operators
  • Deep Understanding of Hacker Tradecraft
  • Continuously Monitors Threat Landscape
  • Extensive Knowledge of Networking and Windows Domains

MDR FOCUS

  • Lateral Spread Tradecraft
  • Infrastructure Enumeration
  • Privileged Users and Activity
  • Asset Visibility and Remote Access
  • Insider Threats

WHAT YOU CAN EXPECT

WORLD-CLASS MDR PROTECTION
24/7/365

1
KICKOFF MEETING

Meet with Shift-IT to assess security requirements and network infrastructure.

2
PORTAL REGISTRATION

Register online to setup your service, manage payments, get updates, and more.

3
IMPLEMENTATION

You, or your IT service provider, deploys SHIELD agent and network taps (if applicable).

4
PLAYBOOK DEVELOPMENT

Shift-IT works with your team to create a customized response playbook in the event of a breach.

See it in action!

SECURITY OPERATIONS & INCIDENT RESPONSE PLATFORM

Learn more or schedule a demo by contacting us.

LIVE ASSET VISIBILITY

LIVE ASSET VISIBILITY

IMMEDIATE THREAT RESPONSE

IMMEDIATE THREAT RESPONSE

Microsoft 365 Security Add-on for 24/7 True Managed Detection and Response

Hackers frequently target Microsoft 365 for business email compromise (BEC), information collection, advanced spear-phishing, and breach/ransomware attacks.

THE SOLUTION – Our Microsoft 365 security add-on

Monitoring and Enforcement of Microsoft 365 Activity

When combined with our MDR service, Shield 365 Defense provides around-the-clock Microsoft 365 security monitoring and policy enforcement.

Research shows that hackers are targeting Microsoft 365 accounts with alarming success. Attacks include account compromise via leaked credentials and brute force tactics as well as email impersonation and spear phishing.

With Shield 365 Defense, our cyber analysts can monitor and harden your Microsoft 365 environment and your clients’ 365 accounts.

Microsoft 365 Security

Security Awareness Training and Simulated Phishing Platform

Helps you manage the ongoing problem of social engineering

Security Awareness Training

Old-school security awareness training doesn’t hack it anymore. Today, your employees are frequently exposed to sophisticated phishing and ransomware attacks.

Baseline Testing
We provide baseline testing to assess the Phish-Prone™ percentage of your users through a free simulated phishing attack.

Train Your Users
The world’s largest library of security awareness training content; including interactive modules, videos, games, posters and newsletters. Automated training campaigns with scheduled reminder emails.

Phish Your Users
Best-in-class, fully automated simulated phishing attacks, thousands of templates with unlimited usage, and community phishing templates.

See the Results
Enterprise-strength reporting, showing stats and graphs for both training and phishing, ready for management. Show the great ROI!

Analyze Train Phish
See the results of Phish-Prone Training

The System Really Works

We analyzed 6.6 million users over the course of at least 12 months, and our2021 research continues to uncover alarming results. The overall industry initial Phish-Prone percentage benchmark dropped slightly from 2020, but still a troubling 31.4%.

Fortunately, the data showed that this 31.4% can be brought down almost in half to 16.4% within 90 days after deploying new-school security awareness training. The One-Year results show that by following these best practices, the final Phish-prone percentage can be minimized to 4.8% on average. See how your company’s Phish-Prone percentage compares to your peers! The Industry Benchmarking feature is included with your subscription.

Source: 2021 KnowBe4 Phishing by Industry Benchmarking Report

Note: The initial Phish-Prone percentage is calculated on the basis of all users evaluated. These users had not received any training with the KnowBe4 console prior to the evaluation.

Subsequent time periods reflect Phish-Prone percentages for the subset of users who received training with the KnowBe4 console.

Find Out How Effective Our Security Awareness Training Is

Security Awareness Training Features

Unlimited Use
We offer three Training Access Levels giving you access to our content library of 1,000+ items based on your subscription level. Unlimited access to all phishing features with flexible licensing. Powerful new features added regularly.

Engaging, Interactive Browser-based Training
The interactive training gives your users a fresh new learner experience that makes learning fun and engaging. Your users can choose the language they’re most comfortable with for the entire training interface, helping deliver a more immersive training experience.

Brandable Content
This self-service feature gives you the option to add branded custom content to the beginning and end of select training modules. You can add your organization’s branding elements including your logo, custom graphics, and corporate colours to tailor any messaging you want to deliver to your users.

Upload Your Own Content
Want to supplement your security awareness training content with your organization’s custom training or other corporate training content? With our robust learning management system (LMS), you can upload your own SCORM-compliant training and video content and manage it alongside your Training content all in one place—at no extra cost!

Assessments
Find out where your users are in both security knowledge and security culture to help establish baseline security metrics. Use the skills-based assessment and the security culture survey to measure and monitor your users’ security knowledge and sentiment to a security-aware culture over time.

Custom Phishing Templates and Landing Pages
Apart from the thousands of easy-to-use system templates, you can customize scenarios based on personal information and include simulated attachments to create your own targeted spear-phishing campaigns. Each Phishing Email Template can have its own Custom Landing Page, which allows for point-of-failure education.

Phish Alert Button
Our Phish Alert add-in button gives your users a safe way to forward email threats to the security team for analysis, and deletes the email from the user’s inbox to prevent future exposure. All with just one click!

Social Engineering Indicators
Patented technology turns every simulated phishing email into a tool IT can use to dynamically train employees by instantly showing them the hidden red flags they missed within that email.

AI-Driven Phishing and Training Recommendations
Leverage the power of AI to give your users a more personalized experience that adapts to their current level of knowledge. Use AI-driven phishing to automatically choose the best phishing template for each of your users based on their individual training and phishing history. With AI-driven training recommendations, we serve up training content customized to your overall organization’s Phish-Prone percentage.

Did you know that 88% of data breaches are caused by human error?

User Management
Our Active Directory Integration allows you to easily upload user data and saves you time by eliminating the need to manually manage user changes. You can also leverage the Smart Groups feature to tailor and automate your phishing campaigns, training assignments and remedial learning based on your employees’ behaviour and user attributes.

Advanced Reporting Feature
60+ built-in reports provide holistic views and detailed reporting on your key awareness training indicators over time. Leverage Reporting APIs to pull data from your console.

Virtual Risk Officer™
The innovative Virtual Risk Officer (VRO) functionality uses machine learning to help you predict and identify risk at the user, group and organizational level. This continual learning model enables you to make data-driven decisions when it comes to your security awareness program.

PhishER™
PhishER is an optional add-on for managing the high volume of messages reported by your users and helps you identify and respond to email threats faster. Combined with our training platform, PhishER can automatically flip dangerous attacks into instant real-world training opportunities.

COMPREHENSIVE APPROACH

SECURITY MONITORING

  • Accounts Created/Deleted
  • Altered Administrator Roles
  • Too Many Login Attempts
  • Sign-in from Unauthorized Country
  • Email Impersonation
  • SharePoint or OneDrive Files Shared Publicly
  • SharePoint Site Deletion
  • Accounts Generating Spam

SECURITY POLICY ENFORCEMENT

  • Ensure Audit/Mailbox Logs Always On
  • MFA Authentication for Administrators
  • No Scripting (PowerShell) Privileges for Non-administrators
  • Block Dangerous Email Attachments
  • Block Mail Forwarding Rules
  • Block Third-Party Applications
  • Limit External Information Leakage
  • Block Top Spamming Countries

WHAT YOU GET

  • Alerts Sent Directly To You
  • Correlated with other Shift-IT MDR Data Sources
  • Integrated Monthly Reporting
  • Streamlined Billing
  • Simple and Quick Onboarding Process
Suspicious login alert from 365 Shield

WHAT YOU CAN EXPECT

Works with Microsoft Exchange Online Plan 1 (including all Microsoft Business plans) and above.

Take Charge of Your Tech Today!

REQUEST A PROPOSAL