Nerium uses the following core values to offer a high-quality service to its customers. This blog explains how these core values are reflected in the Managed Detection andResponse (MDR) service.
Before onboarding a customer to its Managed Detection and Response (MDR) service, Nerium conducts a hygiene assessment. During this evaluation, we expose the potential attack paths. This is an important and necessary first step in delivering the MDR service tailored to the customer's needs. This is because identifying vulnerabilities and misconfigurations is essential to determine the appropriate security measures. This reduces the likelihood of incidents and increases the likelihood of early detection of a potential attack and minimising its impact.
Nerium understands that not all risks can be mitigated. Certain business processes cannot be changed. Therefore, the results of a hygiene assessment are used for two purposes:
- To deliver an improvement plan to address vulnerabilities and misconfigurations.
- To adjust the Managed Defense service to monitor the risks where improvements cannot be made.
Our assessment aims to expose known and unknown attack paths. We do this by breaking down attacks into the following topics:
- Gaining initial access by the attacker.
- Getting persistence so the attacker can continue to have access.
- Elevating privileges after the attacker is in the digital environment.
- Lateral movement possibilities within digital environments to move through the network.
- Achieving the attacker's objectives.
By examining the attacker's capabilities in each of these steps, we can provide recommendations for improvements that make it more difficult for attackers to carry out their activities.
Our MDR service
With our advanced Managed Detection and Response (MDR) security solution, Nerium protects its customers against the increasing threats of cyber attacks. Our MDR service provides organisations with a combination of advanced security products and human expertise to detect and intervene against threats near real time. Our team of experts is continuously aware of the latest trends in cybersecurity and uses advanced analytics to identify abnormal behaviour.
Our goal is to prevent a digital attack from being successful. We do this by detecting and stopping an attack as quick as possible. This may involve removing malicious programs, disabling user accounts, or isolating a system from the network. The mandate to carry out these actions is discussed at the start of the service provision. This allows Nerium to respond 24/7, even on a Sunday night at 3:00 am. Additionally, we continuously propose security measures to prevent the attacker from striking (again).
Our MDR service is tailored to the specific needs of each customer. Nerium provides 24/7 monitoring for networks and systems across multiple digital layers of the organisation, allowing threats to be quickly detected and mitigated before they can cause serious damage. We deliver our services on-premise, hybrid, and in the cloud.
- The results of the hygiene assessment that precedes each MDR onboarding. From here, Nerium gets a good understanding of the customer's digital risks. If vulnerabilities or misconfigurations are identified that cannot be remediated, these risks will be monitored with the MDR service.
- The current attack techniques we are currently seeing in the field. This way, Nerium can make a real impact in securing its customers.
- The threat landscape in which an organization operates. Each sector in which an organization can operate has a different threat landscape. Consider, for example, attackers who are focused on stealing trade secrets or, conversely, on encrypting information to ask for a ransom.
Cyberthreats are constantly evolving and becoming more sophisticated. Cybercriminals are always looking for new ways to infiltrate systems and steal sensitive information. That's why Nerium is continuously optimizing its internal operations for its customers by creating new detections, implementing new threat intelligence, and proactively searching for unknown threats and vulnerabilities in the customer's digital environment (threat hunting). This can only be achieved by investing in qualified personnel and keeping up with the latest trends and developments in cybersecurity. This continuous development will also result in generic improvements, such as disabling certain protocols in an environment that is frequently exploited by attackers.
The race between groups attacking organizations and professionals securing them is taking on new forms. Attackers even buy the most common security products to test their attack techniques for detection, in order to prevent security products from triggering an alarm. Therefore, it is important to create custom detections that are difficult for attackers to predict, giving customers peace of mind that their detections are effective.
Transparent service delivery is crucial in providing our MDR service. Nerium will keep the customer informed of any incidents or threats detected via various channels, as well as how they are mitigated. This provides customers with insights into the process Nerium employs to secure organisations, awareness of active attack attempts, and possible realisation of business risks.
Furthermore, it is important for us to ensure that customers are aware of the data collected, where it is stored, and how it is used to secure the organisation. A clear understanding of these aspects of the service provides reassurance regarding the customer's resilience.
In Nerium's setup, the customer remains the owner of the data and sensors. The data necessary for Nerium's services is stored in the customer's environment. This means that the customer has full control over their own data and technical setup, and that Nerium only has access to this data and setup to perform the services. This ensures fair ownership.
In this setup, it is also easy for a customer to switch service providers or build their own team of security specialists, avoiding unnecessary startup and installation costs.