Welcome to our core business, we currently offer a wide range of services centred around IDS/IPS.
Security Operations Center/Centre (SOC) DevelopmentComputer Network Defence has a solid background stretching back many years, building many Security Operations Centre's for our clients. We have established extremely robust facilities, and where the client wishes to keep control in house, handed the facilities over to the customer with the option of us fulfilling a regular supporting role or manning the SOC's permanently for many years. The network sizes have varied considerably from less than 100 users to over 200,000.
Independent SOC Assessment
If you already have a SOC in place, either in house, or as a managed service, we can provide an independent study of their capabilities both procedural and technical, identifying any weak areas from a fresh perspective. We can also exercise staff and policies by injecting benign events into the system. Escalating treat scenarios from initial reconnaissance to system compromise identifying any weaknesses in staff complacency or over zealous false positive tuning.
IDS/IPS Augmentation (temps)
We can provide IDS analysts at very short notice to fill a gap in your staffing levels, whether to tackle a crisis or to replace staff through sickness etc. We have in house analysts and also have a number of analysts from other organisations willing to step in on their days off. Currently all our temps are UK security cleared. Our staff can provide cover from a few hours to many months. With prior notice we will arrange for you to have a preferred Analyst who will work with you beforehand to familiarise themselves with your system and procedures. Our Clients have been blown away with both the speed of response and the quality of analyst, who are mostly consultants in their own right.
Vendor Agnostic IDS/IPS Selection - Security Architecture
Selecting the appropriate IDS/IPS for your network is essential and there are many factors to consider. From the ability of your staff to maintain and monitor the IDS/IPS to the nature of your network traffic and how your network operates. Computer Network Defence IDS consultants will discuss these and many other factors, recommending various IDS/IPS products suitable to your infrastructure. We understand that IDS/IPS forms a small part of your defence in depth security posture, we will identify gaps and recommend solutions these would also be considered as part of the criteria for vendor selection, thereby ensuring a fuly compatible security architecture.
IDS/IPS Evaluation
Post selection we will evaluate the selected IDS/IPS solution in situ, either in isolation or in a test situation alongside other products ensuring the compatibility with both the network and staff prior to purchase. The nature of the evaluation is focused on the operational capabilities of the IDS/IPS rather than it's technical architecture though the technical performance is covered. Our experience has found that whilst many products are extremely fast they do not provide a great deal of value to the analyst to enable him/her to handle the incident effectively. An analogy would be buying a Ferrari to take the family of 4 on a camping expedition.
IDS/IPS In-Sourcing
Managed security services are not ideal to many organisations for the monitoring of their security products, either for reasons of cost or quality of service. Computer Network Defence Ltd will help you develop the capability either by introducing a brand new capability or in assisting the migration from managed service to in house, filling the capability gap. The level of our involvement is flexible according to your needs, we can perform the entire operation or provide supervision or guidance. The approach is modular allowing the customer to reduce our involvement as the organisation's staff become more proficient.
Recruitment of IDS Analysts
IDS analysts are 2 a penny, good IDS analysts are not. From experience we have seen individuals with minimal IT experience call themselves an IDS analyst. We will help you through the onerous process of finding/selecting staff suitable for the task either from within your organisation, recruiting externally or a combination of the 2. We can source contractors, permanent staff or a hybrid mix depending on your circumstances.
