Shtein Solutions provides services to assist in the investigation of cyber incidents, with the advantage of an eye that can reveal attack patterns and draw conclusions about the severity of the incident and what data was stolen.
Investigations of cyber incidents are based largely on the processing of logs - event logs. Therefore, every organization must have the infrastructure to store these logs on a separate server (SIEM), as well as the correct event detection configuration. Otherwise, in the absence of a centralized logging system, the investigation will be carried out on individual servers and stations affected by the incident. In this case, the investigation may take longer.
Continuous collaboration with technical experts in information security and the technical infrastructure department can help in quickly identifying attack vectors, as well as in quickly and correctly resolving the threat. On our part, it is important to remind you that it is advisable to be prepared in advance for information security incidents, and for this, the organization needs to carry out preparatory work, which in the future will pay off in the speed and efficiency of the response.
As part of the incident investigation service, you will receive a list of general recommendations to reduce risks.
Penetration investigation
Investigating attempted fraud
Audit of the IR process
Incident Response (IR)
Our company provides the following services:
Primary technological and basic checks in the field of information security. Inspection of the network architecture, security systems, access rights. Construction of a risk map.
More DetailsThis test identifies existing vulnerabilities in the infrastructure in order to formulate recommendations for their elimination.
Testing using social engineering methods. The purpose of the test is to identify the staff’s level cyber security threat awareness.
Lectures and trainings on staff awareness of information security threats, as well as trainings on secure development for programmers.
Checking the security of the company according to the protocol. The purpose of the audit is to show in which areas of information security there are shortcomings and how to correct them.
More DetailsWhen a cyber incident occurs, it is important to understand exactly what happened and how, and to address the causes and gaps in the firm's information security.
More DetailsThe email attack simulation tests the effectiveness of email security tools such as email gateways, antiviruses, sandboxes and others.
More DetailsWe will identify weaknesses in mobile and web applications, in remote service systems and develop recommendations for eliminating detected vulnerabilities.
More DetailsWe will identify problems in protecting user computers for running malicious applications and monitoring the
system.
Since 2010, we have done a lot of work. This includes penetration tests and security audits, risk management, incident investigations, as well as consultations and solution design.