Managed Detection & Response (MDR) – Fractis S.A.

The MDR service is easy to deploy, effective in identifying illicit behaviour in your endpoints and cutthroat in remediating malicious activity. By fortifying your endpoints – computers and servers – we eliminate threats before they propagate in your network and your wider IT infrastructure.

How it works:

  • Deployed via agents to endpoints (workstations, laptops, servers) which analyse telemetry and alerts using a cloud-based detection engine with behavioural analytics.
  • Monitors activity logs and telemetry generated by endpoints, which are filtered and analysed by machine learning, artificial intelligence and cyber incident specialists drawing on a global pool of data.
  • Actions the alerts that require immediate attention, focusing on true positives and actual threats, handled either by our cyber security specialists or your designated personnel.

What we do:

Detect

Advanced Threat Detection – Detection of threats by applying advanced analytics to volumes of security telemetry in the places where adversaries operate.

Global Focus on Threats – Our intelligence analysis is conducted on advanced adversaries, from state-sponsored actors to criminal organisations.

Investigate

24×7 Monitoring & Investigations – We investigate threats, alerts and true positives detected by the MDR platform and your existing security investments 24/7/365.

Clear, non-technical Explanations – When we confirm a threat or eliminate a false positive, you’ll understand what we concluded and why—using language anyone on your team can understand.

Respond

Automation & Orchestration – The MDR platform uses incident playbooks to notify the right people, contain threats, and begin remediation.

Incident Response – Our team works with your existing resources to stop the spread of a potential attack. The remediation of confirmed threats can also be conducted by the Fractis team, responding on your behalf.

Improve

24×7 Support – Contact us any time you have a question, concern, or just want to talk about the latest threats. We’re here when you need us, and it never costs more.

Executive Reporting – Track your mean time to repair (MTTR) after an incident, return on investment (ROI), and the work we’re doing with full transparency, supported by metrics and to-the-point reporting.


Fractis has had the honor to serve leading organizations both domestically and internationally. Indicatively these organizations include:

Domestic:

– Shipping companies
– A systemic bank
– Critical infrastructure operators
– Organizations in aviation
– Major law firms
– Major player in the food industry
– Major software companies & IT organizations

International:

– Business process and outsourcing organizations
– Strategic advisory firms
– Law firms
– Investment companies
– Financial infrastructure organizations
– Technology organizations

Trust and privacy are paramount in the work we do, so even the names of our clients are considered sensitive information. Advertising you are secure only calls for unwarranted attention.

The steps of our approach can, in general, be summarized as follows:

  1. Introductory meeting
  2. Identification and analysis of client’s needs
  3. Formulation of the scope of work and key objectives
  4. Preparation of a proposal
  5. Discussion and agreement of the proposal
  6. Insertion of proposal in services agreement and signatures
  7. Execution of the services agreed
  8. Follow up after the termination of the services provided
  9. Ongoing support based on your needs

Standards:


– ISO/IEC 27001: Information security management system standard.
– ISO/IEC 27002: Code of practice for information security controls.
– ISO/IEC 27005: Risk management for information security.
– ISA/IEC 62443: Requirements for implementing and maintaining electronically secure industrial automation and control systems (IACS).
– NIST SP 800-53: Security and Privacy Controls for Federal Information Systems and Organizations (used in the U.S. government).
– Standard of Good Practice for Information Security (SOGP): Business-oriented information security guidelines developed by the Information Security Forum (ISF). Available only to ISF members and eligible associated organizations.

Frameworks:


– NIST Cybersecurity Framework: The guidelines for mitigating organizational cybersecurity risks, published by the US National Institute of Standards and Technology.
– HCAA: The implementation of the Hellenic Civil Aviation Authority’s framework to the entities it regulates.
– COBIT (Control Objectives for Information and Related Technologies): A framework for the governance and management of enterprise IT.
– CIS Critical Security Controls: A set of best practices designed to help organizations prioritize and implement cybersecurity measures.

Guidelines:

– ENISA Guidelines: The European Union Agency for Cybersecurity provides various guidelines on cybersecurity topics.
– SANS Critical Security Controls: A set of best practices to enhance the cybersecurity posture of an organization.
– Cloud Security Alliance (CSA) Security Guidance: Guidelines for securing cloud computing environments.

A high-level overview of our approach:

  1. Gap analysis – Our specialized professionals meticulously conduct a gap analysis against your designated standard, framework, or regulation. If you are uncertain as to what benchmark is most impactful for your organization, we conduct a preliminary assessment to identify the right standard, framework or regulation that best meets your objectives.
  2. Provision of findings and recommendations – Following the comprehensive gap analysis, we provide targeted and detailed recommendations for every identified gap or finding while accounting for each organization’s available resources.
  3. Prioritization of recommendations – Understanding that each organization has unique needs, we prioritize the recommendations, offering short-term tactical wins and long-term strategic objectives. This prioritization is crafted to align with your risk tolerance and available resources, ensuring that you achieve both immediate improvements and long-term goals. We aim to empower your organization with a clear, actionable pathway to heightened security and compliance.

Co-sourcing: We flexibly augment your capabilities in the provision of internal cyber security and IT functions, integrating the specialists and technologies you need in your organization to perform the services or tasks you require. This middle ground between in-house and full outsourcing fosters the transfer of knowledge and expertise: by sharing responsibilities and making decisions jointly, you not only achieve your objectives, but our teams also skill up together as they learn from one another. This mode of collaboration strategically leverages the strengths of our respective personnel and is ideal for organizations which want a more hands-on approach.

Outsourcing: We assume and execute the functions, tasks, and responsibilities you would like covered in order to increase your capabilities. After careful scoping and determination of reporting requirements and lines, you can then focus on your primary objectives with peace of mind. This allows you to obtain access to specialized technologies, skills and competencies in a cost-effective way that is flexible and scalable. This mode of collaboration tactically augments your available resources and is ideal for organizations that want a more hands-off approach.

  1. Long term: Over long periods of time with tactical involvement, often decreasing in duration over time. The required involvement usually lessens because more effort is needed at the beginning to put structures in place and streamline efforts, and because economies of scale are achieved with involvement and time.
  2. Short & medium term: A limited period either in the short or medium term until operations or infrastructures are streamlined and fine-tuned.
  3. Ad-hoc: To tackle specific projects or engagements.
  4. On-the-job skill acquisition: Until internal staff are trained or until the conditions are ripe to hire suitable profiles.

Several factors play an important role in determining the right technological solution in any organization.

– Clear identification of the problem to be solved or objective to be met.
– Thorough assessment of the context in which the technological solution will be implemented. This analysis includes:
    – the way you operate as an organization.
    – your human resources and their skill level.
    – other technologies you may have in place.
– Required investment vs increase in protection.

The end goal is to find the right technological fit for your organization.

While antivirus software remains an essential component of cyber security, relying solely on it can leave even the most basic organization vulnerable to modern threats. It offers limited protection, as it is only effective against known malware strains and unable to face zero-day attacks and exploits of unknown vulnerabilities.

Furthermore, modern cyber threats such as ransomware, the most imminent threat to most organizations, can easily bypass traditional antivirus software in most cases. Finally, given its focus on endpoint protection, it is unable to adequately defend your networks or cloud infrastructures.
