C-SIRT
Prevent and anticipate cyber threats and risks!
#CSIRT
The CSIRT approach implemented by Synetis, in addition to drafting adapted procedures, produces a monthly newsletter on cybersecurity issues (vulnerabilities, alerts and threats, cybersecurity and regulatory news, etc.) aimed at decision-makers.
Our activities.
CSIRT.
Cyber Security Watch
The CSIRT activity set up by Synetis provides relevant and contextualized monitoring based on new cybersecurity events emerging daily. Each article is written by a team of specialists, cross-referencing several sources and then synthesized to bring together the most relevant information. Divided into five main themes, the monthly newsletter keeps you informed about new threats, legal and regulatory events, and new softwares.
Threat Intelligence
Even years later, WannaCry and NotPetya are hot topics when it comes to cyber security. The Intelligence Threat service available from Synetis can play an important preventive and defensive role when this type of event occurs.
Part of this service involves knowing how to anticipate data leaks, or if necessary, being able to detect them before it is too late. CSIRT has developed many tools specifically for this purpose and can be a major asset in monitoring and detecting leaks that may come from multiple sources.
Incident Response
Once an intrusion is detected, Time becomes the key element in the fight against attackers. The CSIRT’s incident response calls on Synetis experts to go to the scene, thus enabling rapid intervention to stop and set up all the technical barriers to circumscribe the attack. CSIRT experts are there to support the company in understanding the threat and to define a precise framework to establish a plan adapted to each company
The Synetis incident response is based on research published by the SANS Institute.
Forensic Investigation
Synetis CSIRT experts have been trained to intervene quickly when an information system has been compromised. Forensic investigation is a key step and above all is necessary to try to understand how such an event could have occurred, but also to have the most precise analysis possible as to what the attackers got up to once inside your IS.
The purpose of forensic analysis is to build a chronology of events from a few days before the date of the compromise to a few days after its detection. Knowing the vector of attack and the extent of the damage enables a Remediation Plan to be drawn up more quickly. Whether it is a simple workstation or an information system as a whole, activities can only resume in complete security when all the elements linked to the compromise have been analyzed and identified.
ADVICE?
