Vulnerability Assessment – As application developers increasingly use open source and commercial frameworks and libraries to accelerate their production, they also introduce a long tail of inherited vulnerabilities that increase your attack surface. Spinnaker Support, powered by Alert Logic, provides the ability to run internal and external vulnerability scans and reports for on-premises, hosted, and cloud environments with continuous updates to more than 92,000 Common Vulnerabilities and Exposures (CVEs) in software and certain network components. We support several different use cases including automated agent-based scanning and agentless continuous scanning approaches for software and device vulnerabilities, monitoring your AWS environments for misconfigurations, and providing external scanning as a PCI Approved Scanning Vendor.
Managed Web Application Firewall (WAF) – We provide a managed web application firewall service to block known bad activity. We will start you with out-of-the-box signatures and both positive and negative rules to observe your applications’ behavior through the WAF’s deny logs. We add and tune rules, potentially down to the level of specific pages and even forms, to eliminate false positives. Blocking rules are turned on selectively as you and our WAF specialist are comfortable that enough traffic has passed through to validate that the rule correctly fires without undue false positives. Your Spinnaker Support team will continue to update and tune your WAF as your applications and threat environment evolve.
Data Inspection – We collect and inspect 3 kinds of data for suspicious activity. Each data type has strengths in identifying certain kinds of threats, and together they show the whole picture and improve accuracy and actionable context. (1) Web: We inspect both HTTP requests and HTTP responses. (2) Log: We collect and normalize log data so analytics can identify certain threat activity like brute force and lateral movement, so analysts can investigate logs, and so you can search and report on it whenever you want for forensics and audits, since we retain it for at least one year. (3) Network: Our IDS agents inspect all network packets and select those that look suspicious for further analysis in our analytics engine.
Detection Analytics – Analytics weed out false positives and more accurately detect actual attacks using 3 different kinds of analysis: (1) Signatures and rules that detect known malicious patterns; (2) Anomaly detection that compares current activity against baselines to flag unusual activity; (3) Machine learning, which includes more than 200,000 vectors (vs. a typical 5-10 in a signature) across data from thousands of customers, to identify custom, multi-stage attacks. All 3 types of analysis benefit from a treasure trove of rich, consistent data we collect from 4000 customers, which gives us a force multiplier for our analytics to find patterns other vendors could never see.
24 x 7 Monitoring & Validation – As part of our security and vulnerability protection solution, analysts in one of our 24 x 7 x 365 security operations centers investigate and triage incidents as they are created through the analytics.
Spinnaker Support ERP Security Experts and Alert Logic Certified Security Experts Include:
- Experts with extensive backgrounds and experience in international, cyber, military, and civilian security
- Compliance expertise in PCI DSS, HIPAA, NERC, CJIS, NIST, SOX COBIT, GLBA, and GDPR
Spinnaker Support, powered by Alert Logic, offers full technology stack security and vulnerability protection with human expertise included (security analysts combined with Oracle and SAP application engineers). Our customers deal with a single vendor for service, pricing, commercial terms, and communication coordination. Plus, there is no upcharge for our standard security and vulnerability support.
For more information on Spinnaker Support’s Advanced Security solution, contact us today.