Multi-layered, single-platform service package provides digital businesses with key capabilities to monitor, analyze and protect their data
SINGAPORE, May 8 /PRNewswire/ -- (NYSE: CTL) has launched its service package in Asia Pacific. This single-platform offering provides organizations with the capability to monitor for and detect insider threats on critical assets. It employs behavioral analytics algorithms to find malicious user activities and automates the review of privileged account activities. It also detects events that pose a risk, known attacker behavior, anomalous network activities and deviations in account behavior.
CenturyLink cybersecurity experts will also be available to provide consultation as part of the MSBA service package. Their role is to provide advice and make recommendations to help organizations improve their security postures.
"The rising significance and impact of cybersecurity is no longer just technical or compliance issues, but also business and strategy concerns to which Asia Pacific organizations are paying closer attention," said Huang. "With Asia Pacific organizations experiencing stronger regulatory pressures and recognizing investment in security as part of their digital transformation battleplan, they are looking for service providers to support their business objectives. The value brought by Managed Security Services Providers (MSSPs) to the ecosystem is clear. To build effective cyber risk strategies, an MSSP must align cyber defense controls with business goals. This requires deep industry expertise and capability to develop industry-specific threat models that go beyond conventional infrastructure layer monitoring."
"What we are offering is peace of mind and a testament to our commitment as a trusted Managed Security Services Provider to our customers to ," concluded Cheah. Besides MSBA, CenturyLink's SOC is also responsible for delivering our portfolio of detection and mitigation services, including analysis and leveraging threat intelligence data provided by Black Lotus Labs, CenturyLink's threat research arm, which analyzes 190 billion NetFlow sessions and over 3.6 million security events every day.
CenturyLink (NYSE: CTL) is a technology leader delivering hybrid networking, cloud connectivity, and security solutions to customers around the world. Through its extensive global fiber network, CenturyLink provides secure and reliable services to meet the growing digital demands of businesses and consumers. CenturyLink strives to be the trusted connection to the networked world and is focused on delivering technology that enhances the customer experience.
Use case 1: December 30 2019 - CenturyLink's SOC detected suspicious security anomalies in a Privileged User Account's (PUA) activities in its customer's IT environment.
The first suspicious observation was the PUA logging into one of the customer's ERP servers. He was last seen logging into this server 69 days earlier. Analytics showed that his login activity through the Domain Controller was 83 times higher than usual.
He was accessing multiple servers that he had never logged into before. The PUA used 19 different source IP addresses to access the network.
Although the login activities were unusual, CenturyLink SOC analysts performed an in-depth investigation, which revealed that no data was exfiltrated and that there were no other signs of malicious activity. The case was escalated to the customer, and CenturyLink learned that this PUA was carrying out an impromptu and urgent maintenance window.
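The four signals in use case 1 (a login to a long-dormant server, never-seen servers, a login volume far above baseline, and many source IPs) can be computed from plain authentication events. The following is an added example, not CenturyLink's code: the event shape, host names, IP addresses and thresholds are all assumptions, and the sample data is constructed to reproduce the figures quoted above.

```python
from datetime import datetime, timedelta

# Hypothetical thresholds; a real deployment tunes these per account.
DORMANT_DAYS, VOLUME_RATIO, MAX_SOURCE_IPS = 30, 10.0, 5

def pua_signals(baseline, window, baseline_days, window_days=1):
    """Events are (timestamp, host, source_ip) logins for one account."""
    last_seen = {}
    for ts, host, _ in baseline:
        if host not in last_seen or ts > last_seen[host]:
            last_seen[host] = ts
    first_in_window = {}
    for ts, host, _ in sorted(window):
        first_in_window.setdefault(host, ts)
    # Hosts the account knows but has not touched for DORMANT_DAYS or more.
    dormant = {h: (ts - last_seen[h]).days
               for h, ts in first_in_window.items()
               if h in last_seen and (ts - last_seen[h]).days >= DORMANT_DAYS}
    usual = len(baseline) / baseline_days  # average logins per day
    return {
        "dormant_hosts": dormant,
        "new_hosts": sorted(set(first_in_window) - set(last_seen)),
        "volume_ratio": (len(window) / window_days) / usual if usual else float("inf"),
        "source_ips": len({ip for _, _, ip in window}),
    }

def triage(sig):
    """Turn the raw signals into analyst-readable reasons for escalation."""
    reasons = [f"{h}: first login in {d} days" for h, d in sig["dormant_hosts"].items()]
    if sig["new_hosts"]:
        reasons.append("never-seen hosts: " + ", ".join(sig["new_hosts"]))
    if sig["volume_ratio"] >= VOLUME_RATIO:
        reasons.append(f"login volume {sig['volume_ratio']:.0f}x baseline")
    if sig["source_ips"] > MAX_SOURCE_IPS:
        reasons.append(f"{sig['source_ips']} distinct source IPs")
    return reasons

def sample():
    """Constructed data: 90 quiet days, then one burst on 2019-12-30."""
    now = datetime(2019, 12, 30, 9, 0)
    baseline = [(now - timedelta(days=d), "erp01" if d == 69 else "dc01", "10.0.0.5")
                for d in range(1, 91)]
    hosts = ["erp01", "db07", "app12", "dc01"]
    window = [(now + timedelta(minutes=i), hosts[i % 4], f"10.0.1.{i % 19}")
              for i in range(83)]
    return baseline, window

if __name__ == "__main__":
    base, win = sample()
    print("\n".join(triage(pua_signals(base, win, baseline_days=90))))
```

As in the use case, these signals only justify an investigation; the maintenance-window explanation came from escalating to the customer, not from the analytics.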
Use case 2: Mid August 2019 - CenturyLink's SOC detected possible security events when suspicious DNS requests were sent through the customer's Domain Controller. The requests resembled Domain Generation Algorithm (DGA) patterns, which are seen in various families of malware; a DGA generates a large number of domain names that can be used as rendezvous points with the malware's C2 (Command & Control) hosts.
Upon this discovery, CenturyLink SOC analysts took immediate threat-hunting action. Further investigation found that the endpoint device whose IP address generated the DNS traffic patterns was connected through the customer's BYOD guest network. The DNS destination host was also found to be categorized as malicious or suspicious. Sometimes, DNS tunneling can be used as a way to camouflage C2 communications.
The incident was escalated to the customer to determine whether the endpoint device was one of their corporate assets or belonged to a visitor.
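One simple way to surface the DGA-like pattern from use case 2 in resolver logs is to count, per client, how many distinct queried names have a long, high-entropy label. This is an added example, not CenturyLink's detection logic: the thresholds, the naive "second-to-last label" rule (which ignores the public suffix list), and every client address and domain name below are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

def entropy(label):
    """Shannon entropy of the characters in a label, in bits per character."""
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in Counter(label).values())

def dga_suspects(queries, min_len=10, min_entropy=3.0, min_names=5):
    """queries: iterable of (client_ip, qname) from DNS resolver logs.

    Returns {client_ip: sorted random-looking names} for clients that asked
    for at least `min_names` distinct names with a long, high-entropy label.
    """
    per_client = defaultdict(set)
    for client, qname in queries:
        labels = qname.lower().rstrip(".").split(".")
        if len(labels) < 2:
            continue
        label = labels[-2]  # naive registered-domain label (assumption)
        if len(label) >= min_len and entropy(label) >= min_entropy:
            per_client[client].add(".".join(labels[-2:]))
    return {c: sorted(names) for c, names in per_client.items()
            if len(names) >= min_names}

# Constructed sample: one guest-network client cycling through random-looking
# names, and one corporate client with ordinary lookups. "corp-intranet" is
# long and fairly high-entropy by itself, which is why a single name is never
# enough to flag a client.
SAMPLE = [("192.168.50.23", name + ".example") for name in (
    "qzxkvjwpyhtb", "mfrgxqzlkdvw", "bvtyhnqwzkxj",
    "wpkzjxqvgmhd", "hxqzvkjwbtpy", "zkqjxvwmfgbh",
)] + [
    ("192.168.50.23", "qzxkvjwpyhtb.example"),   # repeat query, counted once
    ("10.1.4.17", "www.corp-intranet.example"),
    ("10.1.4.17", "mail.example.org"),
    ("10.1.4.17", "portal.example.com"),
]

if __name__ == "__main__":
    for client, names in dga_suspects(SAMPLE).items():
        print(client, len(names), "suspicious names")
```

A hit identifies the client address to investigate, which is the step where the SOC in this use case traced the traffic to the BYOD guest network.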