CYBER SECURITY OPERATIONS CENTER (CSOC)

We Monitor and Respond To Website Security Threats

The Greychip Host Cyber Security Operations Center (CSOC) is staffed with certified security analysts to monitor, assess and defend websites, applications, databases, data centers, servers, networks, desktops and other endpoints for customers. Using a state-of-the-art facility and Comodo cWatch technology, the CSOC checks for threats, identifies and analyses them and then performs the necessary actions.

24/7 Website Surveillance

The CSOC provides 24/7 security monitoring by certified security analysts using state-of-the-art technology.

Threat Investigations

Analysts at the CSOC identify and analyze threats, and provide alerts if appropriate to engage clients in resolution and assist in mitigation.

Incident Response

With real-time web traffic monitoring and proactive incident identification, our security experts are able to notify organizations and act quickly.

Security Expertise

CSOC absorbs the time-consuming and complex security incident investigation process, while offloading costs of in-house experts.

PCI SCANNING

Greychip Host cWatch Web provides businesses, online merchants and other service providers who handle credit cards online with a simple and automated way to stay compliant with the Payment Card Industry Data Security Standard (PCI DSS). It ensures that payment cardholder information is kept secure from possible security breaches through meticulous network and application scans to identify and fix security vulnerabilities.

12 PCI DSS Requirements

Greychip Host cWatch Web will help you achieve many of the 12 PCI DSS requirements by providing an Intrusion Detection System, cloud-based Firewall and WAF for your websites.

Virtual Patching, Hardening and security options

Establishes and implements a firewall, hardens your environment, disables unnecessary services & configures system parameters to prevent misuse, ensures system components are protected from known vulnerabilities, addresses common coding vulnerabilities, implements audit trails, and provides security logging and monitoring.

Quarterly Scan Results

Greychip Host is an Approved Scan Vendor (ASV) and cWatch Web allows you to schedule fully-featured on-demand PCI scans to report quarterly ASV scan results to the PCI Security Standards Council.

Malware Detection, Prevention & Removal Service

The Greychip malware detection scanning, preventive methods and removal services enable organizations to take a proactive approach to protecting their business and brand reputation from malware attacks and infections. Greychip cWatch Web can identify malware, provide the tools and methods to remove it, and help to prevent future malware attacks at the edge before they hit the network, all included as part of the security bundle.

Malware Detection

Comodo cWatch Web provides continuous monitoring of your website and immediate alerts in the event of a security incident.

Malware Removal

Directs you to the main cause and helps remediate it, hardening your websites to prevent future attacks.

Malware Prevention

Unsuspecting websites could get infected with malicious code. cWatch protects your website from malicious actors.

Live Immediate Technical Support

24/7 security monitoring by certified security experts using state-of-the-art technology helps you respond to incidents.

Security Information and Event Management System (SIEM)

The Comodo Cyber Security Operations Center is staffed with certified security analysts to monitor, assess and defend websites, applications, databases, data centers, servers, networks, desktops and other endpoints for customers.

Real-time visibility

Collects logs and events from network and web assets, security devices, operating systems, applications, databases, and identity and access management products. Processes vulnerability information from network, web and application vulnerability scanners. Scans and detects malware embedded in applications.

Prioritized alerts

Performs immediate event normalization and correlation for threat detection and compliance reporting. Reduces billions of events and flows into a handful of actionable offenses and prioritizes them according to business impact.

Threat management

Performs activity baselining and anomaly detection to identify changes in behavior associated with applications, hosts, users and areas of the network. Senses and tracks significant incidents and threats, providing links to all supporting data and context for easier investigation. Performs event and flow data searches either in real-time streaming mode or on a historical basis.

Block Malicious Traffic With Comodo Web Application Firewall

Physical, virtual and in the cloud, the Comodo WAF eliminates application vulnerabilities and protects websites and web applications against advanced attacks including but not limited to Distributed Denial-of-Service (DDoS), SQL Injection and Cross-Site Scripting. Combined with malware scanning, vulnerability scanning and automatic virtual patching and hardening engines, the Comodo WAF provides robust security that is fully managed for customers as part of the Comodo cWatch Web solution.

Malicious Bot and Brute Force Prevention

Malicious bots and brute force attacks are blocked from websites. Account registration forms and login pages are protected from various attack vectors, and applications are protected from denial of service.

Zero Day Immediate Response

Regular updates of virtual patches for all websites under management, and immediate response to apply a patch for zero-day attacks when they become known to the public.

Stop Website Attacks and Hacks

Protects vulnerable websites by identifying and removing malicious requests and thwarting hack attempts. Also focuses on attacks that target specific applications, for example Joomla, WordPress and plugins, Drupal, etc.

Distributed Denial of Service Protection

A globally distributed Anycast network enables efficient distribution of traffic. It explicitly blocks all non-HTTP/HTTPS traffic, with a current network capacity in excess of 1 TB/s. Each PoP has multiple 10G and 100G ports, designed to scale and absorb.