Managed Security Services

Continuous Threat & Vulnerability Management

How fast can you detect a threat to your environment? RAVENii’s Continuous Threat & Vulnerability Management offering allows you to position your business in a proactive stance. RAVENii will run continuous scans on your environment to identify anomalies in your normal operations. Any inconsistencies will be evaluated to determine whether or not they pose a risk to your business. These risks will then be communicated to you and together, we will deploy a plan of action to mitigate the threat or vulnerability.

RAVENii’s Continuous Threat & Vulnerability Management Service Includes:

  • Regular executive indicator and reporting debriefs
  • Vulnerability prioritization and remediation plans
  • Real-time attack surface measuring
  • Real-time on-the-wire passive vulnerability scanning and threat monitoring
  • Real-time indicator of compromise alerting
  • Regular active vulnerability scans
  • Log collection from Windows, routers & switches, firewalls, Linux and Applications
  • Access to RAVENii’s Security Incident Response and Management Team

Managed Endpoint Protection

What are you doing to guard your endpoints? The RAVENii Managed Endpoint Protection Service helps businesses block threats and other attempts to gain access into their networks. RAVENii will defend all access points with 24/7 monitoring for any malicious activity. The service ensures that the endpoints of security; the client devices, are protected against advanced threats, keeping networks running and corporate assets safe. With RAVENii’s Managed Endpoint Protection Service you can protect your intellectual property, customer data, and reputation. You can also devote more IT resources to your core business.

RAVENii’s Managed Endpoint Protection Service includes:

  • Malware Protection
  • Internet Filtering
  • Device lockdown, alarming and wiping
  • Device Tracking and Reclamation
  • Remote Assistance
  • Regular executive indicator and reporting debriefs
  • Access to RAVENii’s Security Incident Response and Management Team
  • Anytime/Anywhere management of endpoints

Managed Firewall Service

Network traffic is constantly coming in and going out. What are you doing to manage the flow? RAVENii helps organizations defend against increasingly complex cyber attacks; providing full firewall infrastructure, monitoring and management with our Managed Firewall Service. The service ensures that the mainstay of security; the firewall, remains effective against threats, keeping your network running and corporate assets safe. Companies face daily attacks from competitors, criminals, and nation-state entities who exploit all possible vulnerabilities to compromise networks and access sensitive data. Ensuring firewall investments are working effectively and monitored 24x7 is essential to having a robust security posture.

RAVENii’s Managed Firewall Service includes:

  • Monthly threat debriefing
  • Turnkey firewalls for perimeters or internal environments
  • Existing firewall standardization and tuning
  • Real-time 24x7x365 security monitoring for threats
  • Maintenance & Upgrades
  • Configuration Changes
  • Access to RAVENii Security Incident Response & Management Team
  • Regular performance tuning
  • Access to incident response expertise on-demand
  • ITIL based service desk

SIEM Wave 3

How are you patrolling your network to manage and track changes? RAVENii makes security event and log management easy and affordable with our managed SIEM Wave 3 Solution. SIEM Wave 3 is powered by MixMode and is the only solution on the market utilizing 3rd Wave Artificial Intelligence.

3rd Wave AI has many advantages that solve the business challenges surrounding traditional SIEM solutions like; containing price creep, storing network traffic data volumes, and working with historical information.

The traditional SIEM is a siloed solution. It is expensive to maintain the extraction, transformation, aggregation, and storage of the machine/log data with a traditional SIEM. Network traffic data is the most comprehensive source of useful information for threat detection and response. However, storing its massive data volumes can increase total spend up to 3 times.

The traditional SIEM also requires a lot of manpower. It typically takes 12-24 months of human training, extensive configuration, fine-tuning and monitoring before a traditional SIEM can provide you with true security value.

Traditional SIEMs also rely on historical data. Historical data cannot predict threats or identify anomalies indicative of a forthcoming attack. Historical data is like a rearview mirror; it only gives you a view of what’s behind you.

The advantages of RAVENii’s SIEM Wave 3 Solution over traditional SIEM:

  • Precision detection increases SOC productivity
  • 95% false positive reduction
  • Cost reduction and efficiency gains
  • Lower log storage costs
  • Shorter mean time to remediate
  • Predictive and zero-day attack detection
  • 7 days to enterprise deployment and network baseline
  • The only 3rd wave AI security tool on the market

The lack of integration with other tools means that IT teams must dedicate significant staff time to managing each security control, and even further time to the administration of the various alerts generated by these tools. Our solution is self-supervised, context aware and predictive. This eliminates the need for IT teams to spend precious time deploying and re-configuring individual products and rules. Instead of LOOKING for actionable events, we are WORKING actionable events.

Our solution is self-supervised, context aware and predictive. This eliminates the need for IT teams to spend precious time deploying and re-configuring individual products and rules. Instead of LOOKING for actionable events, we are WORKING actionable events.

RAVENii’s SIEM Wave 3 includes:

  • 3rd Wave AI powered by MixMode with predictive and advanced threat monitoring
  • Proactive event monitoring and investigation based on your network’s custom parameters
  • Managed threat detection and response service provides layered network protection
  • Round-the-clock support, monitoring and response by our RAVENii security experts
  • Certified security engineers available to administer and support your network security
  • 24/7/365 access to the RAVENii Security Operations Center with SLA options to suit your business
  • Next generation threat detection
  • AI powered prediction and advanced real time threat monitoring
  • Advanced visibility and powerful forensics
  • Full packet capture, deep packet inspection and file extraction
  • Deployment in minutes and a baseline in 7 days
  • Deployment in you in the cloud, on-premise or in your VPC
  • Deep integrations with your entire security stack
  • Robust API delivers integration with your SIEM, SOAR and endpoint solutions.
  • End-to-end system deployment and management
  • Log storage

Log storage:

RAVENii’s Log Storage Service is included with the SIEM Wave 3 managed solution.

RAVENii will collect your logs along with:

  • AI Analytics
  • Up to 5TB raw logs per month
  • 30 days hot storage
  • 1 year cold storage
  • 1 hardware sensor
  • 24/7 SOC monitoring
  • Monthly reporting
  • Ticket System
  • 1 export of raw logs per quarter ($300 per additional export)

Security Awareness Training & Phishing Testing:

A complete and comprehensive security program must include Security Training and Phishing Testing for your employees. The main reason being that most cybersecurity breaches are caused by human error.

Your employees represent your business in all areas of data supervision from handling your sensitive client information and keeping your proprietary business intelligence safe. If your employees practice poor data management behaviors, it could cause a significant and costly security breach for your business. It is imperative that your employees understand that they are all targets and susceptible to an attack.

RAVENii’s Managed Security Training & Phishing Testing program is designed to help your business mitigate the number of security breaches caused by human error.

RAVENii’s goal is to change human risk behaviors and create an enhanced secure organizational culture. Our team will create effective security training and phishing testing campaigns for your employees on the risks they should avoid and the steps they should take if they encounter a nefarious situation.

Our program empowers your employees to handle your company information securely and follow your information security policies and processes because the less they are prone to costly security incidents the less likely they will give hackers an open invitation to your network.

RAVENii’s Managed Security Training and Phishing Testing platform is powered by SANS and will educate your employees on what cyber threats to look for and provide training on how to avoid them. This service follows best practices for educating your human firewall on how to treat your sensitive data and be security aware.

Management of your Security Awareness Training platform will include:

  • Ongoing security awareness training & testing to ensure the Customer’s employees understand and exhibit the necessary behaviors and skills to help protect the security of the organization.
  • Coordination with Customer’s Security & Compliance Teams to ensure training meets the Customer’s business requirements.
  • Training to all City employees and Council members on how to utilize secure authentication, how to identify social engineering attacks, how to identify and properly manage sensitive data, how to identify causes for unintentional data loss, how to identify the most common indicators of an incident, etc.
  • Remediation plans for repeat offenders.
  • Campaign and status reports.

The managed SANS Security Awareness Training platform also includes:

  • Initial Onboarding
  • New Hire Onboarding
  • Offboarding
  • User Management & Support
  • Phishing Campaigns (up to 12 per year)
  • Full access to content library, including Compliance training modules

SOC as a Service (SOCaaS):

RAVENii’s SOC As A Service delivers powerful threat detection, incident response, and compliance management in one fully managed service. We combine all the security capabilities needed for effective security monitoring across your cloud and on-premises environments: asset discovery, vulnerability assessment, intrusion detection, endpoint detection and response, behavioral monitoring, SIEM log management, compliance reports and more.

It eliminates the need to deploy, integrate, and maintain expensive solutions like a SIEM and maximizes your existing security investments like your firewall and anti-virus by including their logs in our analysis. SOC As A Service offers low total cost of ownership (TCO) and flexible, scalable deployment options for organizations of any size or budget.

RAVENii’s SOC as a service includes:

  • Monthly threat debriefing
  • Network Baseline in 7 Days
  • Analysis of all Network Traffic
  • Access to RAVENii Security Incident Response & Management Team
  • Predictive Threat Detection
  • Custom Dashboard Visibility
  • 24/7 Expert Team
  • Self-Supervised AI
  • Scalable infrastructure
  • Lab-tested technology
  • Real-time response

Asset Management:

RAVENii’s Asset Management Solution is important because it helps businesses monitor and manage their assets by using a systemized approach. When managed effectively, the benefits of an asset management solution include improvements to productivity and efficiency which places a business in a better position to increase their return on investment.

RAVENii’s Asset Management Solution will scan your devices to collect hardware, software, and Windows configuration data.

The solution can:

  • View computers that have the same installed applications, hardware, operating systems, and even Windows updates.
  • Easily launch remote desktop, remote command, reboot/shutdown, WoL, event viewer, etc.
  • Incorporate and run custom scripts and favorite utilities.
  • Integrate with RAVENii’s Patch Management Service.

Network Security Monitoring:

RAVENii offers 24X7 Network Security Monitoring of your network. Our platform utilizes context-aware AI, a dynamic network baselining technology which allows us to identify pre-attack behavior and stop attacks before they happen.

RAVENii will monitor all of your network traffic, incoming, outgoing, and local in the cloud, on premise, or in hybrid environments. With full layer 2-7 visibility, full packet capture, and deep packet inspection, we can give you the visibility you need to see and take action before damage is done.

RAVENii will enhance your security by doing the following:

  • Establishing an evolving baseline of acceptable network behavior for anomaly detection in 7 days or less, without requiring months of historical data, human intelligence or forensics;
  • Providing predictive and “zero day” threat, attack, and anomaly intelligence layer without human intervention; and
  • Delivering an average of 95% reduction in false positive alerts.

RAVENii’s Network Security Monitoring Service Includes …

  • Malware detection with built-in threat intelligence;
  • Real-time attack surface measuring;
  • Real-time on-the-wire passive vulnerability assessment and threat monitoring;
  • Real-time indicator of compromise alerting;
  • Real-time detection of botnet and command & control traffic;
  • Forensics;
  • Access to RAVENii’s Security Incident Response and Management Team; and
  • Access to RAVENii’s web based SOC for managed devices, workflows, alerting and incidents.

Vulnerability Management:

RAVENii’s Vulnerability Management Solution provides visibility into your network so you can manage and measure your cyber risk. This vulnerability analytics solution is built on leading technology to give you a comprehensive view of your attack surface so you can discover unknown assets and prioritize vulnerabilities within your network.

RAVENii’s Vulnerability Management Solution will provide:

  • Access to advanced analytics, user customizable dashboards, reports, and workflows;
  • Access to real-time insight to help prioritize patching;
  • Access to vulnerability prioritization to determine the likelihood a vulnerability will be exploited in your unique environment;
  • Continuous asset discovery capabilities for all mobile devices, physical, virtual and cloud instances on the network, including unauthorized assets;
  • Capabilities to perform non-credentialed and credentialed scanning for deep analysis and configuration auditing;
  • Capabilities to perform agent-based scanning for mobile and hard to reach assets;
  • Access to compliance validation of business defined standards, industry standards and regulatory mandates, such as CERT, DISA, STIG, DHS CDM, FISMA, PCI DSS, HIPAA/HITECH, etc.
  • Vulnerability advisory and monthly review.

Our Mission
At RAVENii we leverage the collective intelligence of security experts across the globe to provide peace of mind that your business will continue to run efficiently in a secure environment that is right for you.
Services
Blog
CONTACT US

For more information about our services or to ask a question, please use this form. One of us will contact you soon.