
Managed Advanced Threat Protection


The sophistication, complexity and frequency of targeted attacks, Advanced Persistent Threats (APTs), advanced malware, unknown malware, zero-day threats and the like can be overwhelming. An ever-increasing attack surface and extremely motivated, well-trained and well-funded criminals targeting organizations with bespoke tools and new technologies make securing the modern enterprise exponentially more difficult. Traditional approaches, such as defending the perimeter, are only some of the many techniques needed to address today's complex security landscape. Advanced and multi-faceted attacks cannot be prevented by a single control point; these types of attacks require a coordinated strategy. Yoroi Managed Advanced Threat Protection defends the client's network perimeter from elusive and advanced threats by adopting the most advanced detection technologies available on the market. Our analysts have a solid background in reverse engineering, malware evasion and communication protocols. They monitor, analyse and mitigate advanced threats far before traditional solutions are able to detect them. Our service prevents even the most sophisticated attacks, detects stealthy threats across the client's entire infrastructure and is able to respond quickly to security incidents.

Infrastructure & Systems compliance

An organization's infrastructure is composed of different layers. On top, there are usually applications, which in turn are served by a multitude of systems that act as containers for these applications (usually operating systems or containers). Finally, the infrastructure layer interconnects these systems in order to provide a medium of communication between systems and applications.

The purpose of the Infrastructure & Systems compliance activity is to ensure that the infrastructure and systems layers are positioned in the appropriate security posture. This security posture can be defined as the condition where the configuration of a specific asset complies with a specific benchmark, such as:
  • Best practices that are widely accepted by the community
  • A standard (community, such as CIS, or governmental, such as DISA STIG)
  • An organization's predefined configuration
The activity can be split into three main parts:
  • Definition of the scope, the reference benchmark and the operational prerequisites
  • Technical analysis of the assets in scope
  • Gap analysis with respect to the chosen benchmark
The output of the activity is usually a list of configuration items that do not comply with the chosen benchmark. The report usually includes (depending on which benchmark is selected to perform the assessment) a list of mitigations that, if applied, would reduce the gap between the current and the desired configuration state.
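The gap analysis described above, as an added illustration (this is not Yoroi's own tooling): a constructed benchmark fragment in the style of a CIS-type sshd_config benchmark, a constructed sample configuration, and a function that returns the non-compliant items together with their mitigations. The directive names and thresholds are illustrative assumptions, not text from an official benchmark.

```python
from dataclasses import dataclass

@dataclass
class BenchmarkItem:
    key: str          # configuration directive
    rule: str         # "equals", "max" or "one_of"
    expected: object  # expected value, numeric upper bound or allowed set
    mitigation: str   # remediation proposed when the item does not comply

# Constructed benchmark fragment in the style of a CIS-type sshd_config hardening
# benchmark; illustrative items, not text taken from an official benchmark.
SSHD_BENCHMARK = [
    BenchmarkItem("PermitRootLogin", "equals", "no", "Set PermitRootLogin no; use sudo for privileged work"),
    BenchmarkItem("MaxAuthTries", "max", 4, "Set MaxAuthTries to 4 or lower"),
    BenchmarkItem("ClientAliveInterval", "max", 300, "Set ClientAliveInterval to 300 or lower"),
    BenchmarkItem("LogLevel", "one_of", {"INFO", "VERBOSE"}, "Set LogLevel INFO or VERBOSE"),
]

# Constructed sample of the asset's current sshd_config (input of the technical analysis).
SAMPLE_CONFIG = """# constructed sample, not a real host
PermitRootLogin yes
MaxAuthTries 6
LogLevel INFO
"""

def parse_config(text: str) -> dict:
    """Parse 'Key value' lines; the first occurrence of a key wins, as sshd itself does."""
    cfg = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition(" ")
            cfg.setdefault(key.lower(), value.strip())
    return cfg

def gap_analysis(benchmark: list, config: dict) -> list:
    """Return (directive, current value, mitigation) for every item that does not comply."""
    findings = []
    for item in benchmark:
        actual = config.get(item.key.lower())
        if actual is None:  # not set explicitly: the daemon default applies, which is not accepted
            findings.append((item.key, "not set (default applies)", item.mitigation))
            continue
        if item.rule == "max":
            compliant = actual.isdigit() and int(actual) <= item.expected
        elif item.rule == "one_of":
            compliant = actual.upper() in item.expected
        else:
            compliant = actual.lower() == item.expected
        if not compliant:
            findings.append((item.key, actual, item.mitigation))
    return findings
```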

Scam Protection

With the increasing use of online services and retailers, scams have now grown from being a danger mostly associated with investments, banking and insurance, to including the online scams and cybercrime that have to be fought daily.

Scams are becoming increasingly prevalent across different types of websites, through viral e-mails and across social media.

A fraud attempt can be very complex to identify. There isn't any conventional tool able to identify and stop scams. The reason lies in the mutability, complexity and variability of attempted frauds.

Yoroi's scam protection service offers a suite of services, technologies and best-practice advice.

Our proprietary probe Genku analyses our clients' e-mails and sends the suspicious attachments to our sandbox Yomi for detonation, whilst our analysts investigate IPs, provenance, destination and subject in order to identify the best possible action.

SCADA Security

SCADA (Supervisory Control And Data Acquisition) systems are complex systems involving a large number of components such as sensors, logic programming units, RTUs, programmable switches, servers, backup systems and NAS. All these components are orchestrated by a software apparatus to achieve a common goal.

SCADA systems are increasingly complex, digital and connected. Whilst in the past they were isolated from other networks, today's operators typically require data to be transferred between industrial and external networks, creating the potential for malware and hackers to gain access to and disrupt real time control systems and dependent infrastructures.

Yoroi's SCADA security service prevents malware infection by using bespoke technologies to detect the threats. Through a sensor or a virtual or physical 'probe' installed in the system and a client host inside the machine interconnection network, our analysts are able to monitor the SCADA communication infrastructure and identify malicious communication flows, unidentified callbacks and unauthorised attempts to gain control.

Digital Surveillance

Digital surveillance has assumed importance in the context of misuse and abuse of the internet, unauthorised access to data, forgery of digital signatures, infringement of intellectual property rights covering patents and trademarks, fraudulent subversion of electronic payment systems, wars over domain names, browsers and portals, and the growing menace of intruders, masqueraders and saboteurs in cyberspace.

Yoroi's digital surveillance service is designed to protect our clients' most sensitive data.

Our analysts systematically observe cyberspace by surfing, sniffing and snooping with a view to locating, identifying, determining, profiling and analysing by all available means the transmission of e-mail, movement of packets, file transfers and transactions containing specific information or alphanumeric strings belonging to our clients. Once a match is found and verified, the client is alerted and the type of action to be taken is agreed.

Email Protection

More and more threats are propagated by using e-mail as a vector. Recent studies show that about 70% of e-mail traffic through the major Internet nodes can be classified as spam.

The goal of the Yoroi e-mail protection system is to increase the level of protection on the e-mail carrier, using three main techniques:

  • Yomi. Every incoming e-mail received from 'outside' the organisation, if considered 'suspicious', is sent to Yomi and closely analysed there.
  • BeC Detector. A syntactic similarity algorithm compares the sender's address with the victim host's domain. If the sender e-mail address possesses a high degree of similarity to a real address of the defended organisation, an alert is sent out and an analyst is called to analyse the attempted scam.
  • BeC Anticipator. A powerful correlation and syntactic prediction engine periodically checks the domains potentially 'similar' to the domain of the defended organisation. If these domains are bought and put into production, an alert escalates and an analyst is contacted in order to manage a possible BeC threat and/or fraud.
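The sender-similarity check behind a BeC detector, as an added example (not Yoroi's BeC Detector code): it normalises look-alike glyphs, then uses Levenshtein edit distance as the syntactic similarity measure (an assumption; the page does not name the algorithm), and labels anything that resembles the defended domain without being it. The `CONFUSABLES` table, the threshold and the labels are constructed for illustration, and IDNA (xn--) labels are assumed to be decoded before the check.

```python
import unicodedata
from email.utils import parseaddr

# Constructed substitution table: glyph sequences commonly used to imitate ASCII letters.
CONFUSABLES = {"0": "o", "1": "l", "|": "l", "rn": "m", "vv": "w"}

def normalize_domain(domain: str) -> str:
    """Lower-case, strip accents and collapse look-alike glyphs so that visually
    similar domains compare as equal strings. Assumes IDNA (xn--) labels are already decoded."""
    d = unicodedata.normalize("NFKD", domain.lower())
    d = "".join(c for c in d if not unicodedata.combining(c))
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: the syntactic similarity measure assumed here."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(header_from: str, defended_domain: str, max_distance: int = 2) -> str:
    """Label a From: header relative to the defended domain; any 'lookalike-*'
    label is what would raise an alert for an analyst."""
    _, addr = parseaddr(header_from)
    if "@" not in addr:
        return "unparseable"
    domain = addr.rsplit("@", 1)[1].lower()
    if domain == defended_domain.lower():
        return "internal"  # our own domain; SPF/DKIM/DMARC still have to be checked separately
    norm, target = normalize_domain(domain), normalize_domain(defended_domain)
    if norm == target:
        return "lookalike-homoglyph"  # e.g. examp1e.com or exámple.com for example.com
    if target in norm:
        return "lookalike-embedded"   # e.g. example.com.login-check.net
    if edit_distance(norm, target) <= max_distance:
        return "lookalike-typo"       # e.g. exampel.com
    return "external"
```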

Early Warning

Considering today's threat environment and the increasing openness and connectivity of digital infrastructures, security teams must assume that their IT environments are subject to periodic compromise and demand superior response capabilities. In such an environment, where attacks are becoming more frequent and more sophisticated, one of the steps that enterprises can take to ensure business continuity is to adopt an early warning system.

Yoroi's early warning service identifies, analyses and promptly notifies approaching threats before they can affect operations, and provides a mitigation strategy. The service is based on the collection and analysis of information from endogenous and exogenous sources, appropriately classified according to their reliability. It includes an ongoing view of unconventional sources, searched for information related to the monitored clients' networks, in order to understand whether there are traces of abuse or compromise.

Our analysts provide information not only about the vulnerability, but also about best-practice countermeasures to keep systems protected. A detailed analysis is provided in each alert and update, describing its severity and potential impact, technical makeup, the systems that might be affected, available patches or workarounds and comprehensive mitigation strategies.