Threat Protection Technologies

Threat Protection solutions may include a combination of any of the following technologies as well as Professional and Managed Security Services to implement a cohesive security program that helps ensure your network stays protected from internal and external threats.

» Security Information and Event Management (SIEM)
» Email and Web Gateways
» Active Network Monitoring and Forensics
» Encryption
» Security Analytics and Assessments
» Cloud Email
» Cloud Security

Professional Services for Threat Protection

Agnostic Vendor Evaluation

Investing in technologies associated with the protection of your most critical data assets is not a decision that is taken lightly. We provide services to help you evaluate various technologies based on your unique business requirements with recommendations based on the capabilities each technology provides.

Discovery Workshop

Our security consultants help you define your requirements for a threat protection program. After an information gathering process our consultants provide guidance on potential technologies and vendors, use cases, overcoming impediments, implementation, and results measurement, providing a ‘go-forward’ plan for your organization.

Security Program Design

Our consultants work with you to identify and prioritize your use cases and log sources, identify governance procedures, and working groups, and define policy governance, workflows for application management, event triage and incident management.

Proof of Concepts (POCs)

Proof of Concepts provide you the opportunity to validate product solutions against specific business use cases. The myriad of variables contained with the POC are analyzed to reduce unforeseen post implementation complications.

Incident Response (IR)

We provide IR plan review, design and testing services via table top exercises

Vulnerability Management

Vulnerabilities are the most commonly exploited attack method into an organization. We provide scanning services to integrate with an overall Threat Protection Program.

Technical Services

Softthink Solutions engineers are expert in the technologies that we implement and are able to integrate systems with the rest of your IT environment to help ensure the security of your most critical assets. Technical Services include architecture/design, implementation/integration, knowledge transfer, health checks and optimization.

Penetration Testing

Our security assessments and penetration tests are ethically and methodically conducted anticipating what malicious individuals would do in an attempt to exploit system, network, physical, and human vulnerabilities.

Strategic Security Program Development, Implementation and Maintenance

Softthink Solutions’s team of consultants utilize their extensive experience and expertise to help organizations develop, implement, maintain, and manage effective security programs that protect their most critical data assets. Our team of security consultants hold the top certifications in the industry and have helped hundreds of customers keep their information secure.

Our consultants are up to date on the most current security strategies. They utilize our proven Critical Asset Protection Program (CAPP) methodology and ISO 27000 experience to provide you with customized, innovative and cost-effective solutions.

Security Strategy offerings from Softthink Solutions include:
» Security Program Evaluations
» Security Program Design and Product Optimization
» Architecture Reviews
» Global Privacy & Workplace Monitoring Assessments

Security Program Evaluation

During an evaluation, Softthink Solutions consultants assess the current state of your information and network security program, taking into consideration privacy and compliance attributes. Working with different business units, we identify and prioritize your most critical assets.

In working sessions, Softthink Solutions consultants review documents, procedures, and operations, and assess if the security program meets business intent. As part of the evaluation, the effectiveness of the existing program is scored based on its maturity level which assesses a compliance vs. commitment based approach to information security. Softthink Solutions provides detailed recommendations for addressing areas of improvement that are prioritized based on risk, taking into account the organization’s human and financial resource constraints. Deliverables include a Security Strategy Evaluation Report and Scorecard.

Softthink Solutions provides detailed recommendations for addressing areas of improvement that are prioritized based on risk and take into account the organization’s human and financial resource constraints. Business consultants only make recommendations that specifically map to an organization’s needs.

Program Design and Product Optimization

Policy Development and Tuning

Softthink Solutions provides policy development and tuning services to ensure you are getting the most out of your security solutions. For existing security deployments, we analyze and evaluate the effectiveness of existing policies, making recommendations, creating custom policies, and/or tuning to minimize false positives.We are then able to develop a process by which one can manage the evolution of custom policies from creation and testing all the way through to release and tuning.

Incident and Event Workflow

We help you build the processes around event triage and incident management so these processes objectively and efficiently filter true threats for proper resource allocation with your specific industry and regulatory requirements considered.

Advanced reporting and analytics

We work with you to define the key performance indicators and associated reports that provide the measurements of performance needed to communicate the value of your security technologies.Targeted areas of reporting include:
» Executive level (Project sponsors and key stakeholders.)
» Program-based analytics
» Policy-based analytics
» Compliance and audit operations

Security Architecture Review

The technology push never ends in the world of information and network security, compliance and privacy. Vendors drive solutions on a daily basis and many organizations change staff frequently which can cause a loss of the knowledge base required to manage and maintain a security architecture. Common questions asked about installed solutions by organizations include:
» Who manages the solutions?
» What is it capable of providing?
» Where is it deployed?
» Why is the technology is being used?

Softthink Solutions’s Security Architecture Review provides customers instant results by allowing them to understand:

» What technologies you own?
» Who is responsible for managing and monitoring the tools?
» What features and functionality are being utilized?
» Which critical assets are being protected?

Based on the results of the review we evaluate your organization’s posture against the security Continuum Maturity Scale. You will receive a comprehensive security asset inventory matrix report that outlines the project’s findings and details recommendations for optimization and improvement.

Many Softthink Solutions customers have saved hundreds of thousands to millions of dollars on eliminating useless technology, optimizing their current tools rather than purchasing new technology or negotiating more favorable recurring maintenance costs.

Global Privacy & Workplace Monitoring Assessments

International business operations are demanding. Global security regulations and employee privacy standards can make them even more challenging. Establishing an awareness of, and properly managing, these regulations is crucial to designing and implementing a security strategy that protects an organization’s assets while conforming to regulatory standards. Although independent countries of the world have geographic boundaries, information networks do not. Protecting critical assets effectively, while complying with privacy regulations related to electronic communications monitoring, can be a daunting task.

Softthink Solutions’s Global Privacy and Workplace Monitoring Assessment provides organizations a clear, concise and comprehensive review of their exposure to global privacy regulations and workplace monitoring requirements. The service is customized for each customer, ensuring the unique aspects of each organization are examined with results that address concerns ranging from executive management, general counsel, compliance, business unit leaders and information security professionals. The assessment will clearly outline potential regulations and requirements that an organization must adhere to when leveraging technology solutions to monitor electronic communications within their network.

The Process

Softthink Solutions experts will map your organization’s operations to the relevant national, regional and industrial workplace monitoring and privacy laws based on how you store and transmit data. A summary report will be delivered that will include comprehensive recommendations and customized action plans to address any gaps and key issues specific to your business operations as they pertain to electronic monitoring.

Organizations can find immediate value for enhancing their security posture by simplifying the international data landscape they inhabit.