Data is a very important asset of any company. When the confidentiality and integrity of data is compromised, it can lead to substantial financial losses and reputational damage. If the damage is not managed properly, it can eventually end up causing the organization’s demise. It is paramount that the IT Infrastructure containing this asset is protected.
The IT security landscape has changed dramatically over the course of the past few years. Cyber-attacks are increasing globally as well as in this region. Research firm Gartner, in a press statement, mentioned that they are “expecting demand for security products and services to be driven by the persistent threat landscape and influenced by the increasingly targeted and evolving attack patterns that are growing in sophistication”.
MEEZA’s Security Operations Centre (SOC) is ISO27001 and ISO9001 certified and operates 24 hours a day, 7 days a week, and 365 days a year. The qualified security experts use certified processes and procedures to deliver superior IT Security Monitoring Services to clients.
MEEZA delivers a cost-effective and industry-recognised Advanced Security Monitoring Service that provides real-time monitoring of its client’s critical devices. This service enables an organisation to focus on their core business whilst outsourcing Security Monitoring to MEEZA.
The Advanced Security Monitoring Service is designed for clients that require security monitoring and notification services for their Business Critical Assets against cyber-attacks.
MEEZA’s Security Operations Centre (SOC) receives Threat Intelligence and Situational Awareness information from a number of strategic partners within and outside of Qatar. This information provides MEEZA with global and local intelligence to assess, monitor, notify, and assist the client with defending their assets against cyber-attacks.
MEEZA’s Advanced Security Monitoring (ASM) Service utilises Security Incident and Event Management (SIEM) technology to monitor and alert its clients. This technology provides the automated collection and analysis of client log data from security devices, including firewalls, intrusion detection systems critical hosts, and applications.
MEEZA Security Information and Event Management (SIEM) provides insight into all data to enable MEEZA SOC team members to quickly detect and respond to internal and external attacks, to simplify threat management while minimizing risk and safeguarding the business. The SIEM enables MEEZA the SOC team to use all data to gain organization-wide visibility and security intelligence to addresses a wide range of security use cases. MEEZA’s Advanced Security Monitoring (ASM) offers continuous real-time monitoring, incident response, running a security operations center for providing executives a window into business risk. The ASM Service provides organizations the ability to:
- Improve security operations through faster response times
- Improve security posture by getting end-to-end visibility across all machine data
- Increase detection capabilities using analytics-driven security
- Make more informed decisions by leveraging threat intelligence
- Monthly reports to the clients to track the progress of security incidents and provide trending and historical analysis
MEEZA’s Security Orchestration, Automation, and Response (SOAR) is a Managed Service integrating customer’s team, processes, and existing security tools together to drive Security Operations Centre (SOC) efficiency and scale. The service is ideally suited for clients with defined Standard Operating Procedure(SOP) and having SIEM either dedicated or MEEZA Managed. MEEZA Managed SOAR provides capabilities that allow analysts to improve efficiency and shorten incident response times. Managed SOAR provides the scalability, performance, and speed of security automation with the ability to process a high volume of security events per hour. With Managed SOAR MEEZA is able to improve security and better manage risk by integrating teams, processes, and tools together. MEEZA Security teams can automate tasks, orchestrate workflows, and support a broad range of functions including event and case management, collaboration, and reporting.
MEEZA’s Vulnerability Scanning and Reporting Service provides clients with a cost-effective solution to comprehensively assess the security posture of critical networks, servers, and endpoint assets. It will support organisations in understanding the level of exposure they have from infrastructure to internal and external threats.
The service will help them stay compliant to regulatory requirements for vulnerability identification and resolution. Operational reports with recommendations are available on how threats and vulnerabilities can be mitigated, along with executive reports that provide trending analysis based on historical scans to inform the organisation’s management team of the current security maturity of their environment with regards to vulnerability resolution. Regulatory compliance reports required and specified by the clients can be provided as well.
Sophisticated cyberattacks can be hidden and difficult to find, yet addressing these threats is critical to protect confidential data. MEEZA’s User Behaviour Analytics Service is a crucial Service within the Security Portfolio to help organisations find known, unknown, and hidden threats using multi-dimensional behaviour baselines, dynamic peer group analysis using machine learning to detect compromised or misused accounts or devices leading to data exfiltration or Intellectual Property theft.
MEEZA’s User Behaviour Analytics Service when combined with the Core SOC Service rapidly addresses the most sophisticated threats by pushing the threat information to SIEM as a notable event. MEEZA’s expert SOC Analysts, equipped with advanced analytics-driven SIEM and human-driven correlation rules would be able to detect such unknown threats much faster.
MEEZA’s Multi-Factor Authentication Service offers a robust, flexible, and secure way to authenticate user connection requests to network devices. The MFA Service can be deployed on both Customer managed and MEEZA’s managed network devices. The MFA Service offers a far more secure and scalable alternative to static passwords.
Firewalls have been the first line of defense in network security for years. They establish a barrier between secured and controlled internal networks that can be trusted and untrusted outside networks, such as the Internet. Firewalls have evolved beyond simple packet filtering and stateful inspection. MEEZA’s next-generation firewalls block modern threats such as advanced malware and application-layer attacks. MEEZA next-generation firewall offers:
• Standard firewall capabilities like stateful inspection
• Integrated intrusion prevention
• Application awareness and control to see and block risky apps
• Techniques to address evolving security threats
To manage cyber-risk, organizations need to understand and act on threats relevant to their business. MEEZA Managed Threat Intelligence service provides a central point of control for automated operational, tactical, and strategic threat intelligence and digital risk protection. The Service uses sophisticated algorithms to collect data from open, closed, and private sources, malware, the dark web, and underground forums, to correlate and enrich it then deliver structured, actionable intelligence through individual targeted modules. MEEZA Security analysts back the threat intelligence findings by contextualising the understanding of the intelligence.
By deploying targeted threat intelligence modules, the service configures an elastic solution that is adapted to the client’s specific intelligence needs. MEEZA Threat intelligence service provides modular units to helps organizations reduce the noise and access only relevant information to detect, monitor, and remediate threats.
This module boost awareness of what’s going on in the underground, observe malicious activities targeting client and proactively prevent future attacks. This module help becomes better informed about criminals targeting client; proactively prepare countermeasures; find stolen user credentials.
Fraudulent domains are a risk to any client and end customers, with the goal of stealing information or damaging your brand. This module combats phishing and cybersquatting by proactively detecting attacks and take countermeasures.
This module help discovers if the client’s sensitive documents have been leaked on the internet, deep web, or P2P networks, intentionally or not, such as with shared internal documents with poorly-secured file-sharing providers.
This module help finds actionable intelligence around leaked, stolen, and sold user credentials. The service locates the credentials in real-time on the open, deep, and dark web, along with information about relevant malware used to steal the information. The service uses sinkholes, honeypots, crawlers, and sensors continuously searching for stolen credentials, helping eliminate blind spots in the threat landscape.
The module monitors global hacktivism activity on social networks and the open and dark web that can affect the client’s infrastructure. Using an advanced early-warning system and active geolocator, the module generates targeted threat intelligence to shield against potential attack vectors.
Malicious and illegal applications are hiding in plain sight in non-official marketplaces, luring potential customers away, and even stealing their data. This module specializes in detecting applications claiming affiliation to the client or using company assets without authorization to protect the client’s brand and reputation.
This targeted malware module allows to detects malware seeking to steal sensitive information or commit fraud. The solution proactively hunts down targeted malware and ‘Man in the Browser’ attacks, aimed specifically at the client’s organization. Through a robust and continuous analysis of millions of samples per month, this module provides forensic reporting on malware behavior targeting the systems.
This module monitors the client’s digital footprint on social networks and search engines. This module finds websites not authorized to use client’s brands, logos, assets claiming partnership affiliation assets, and more to take proactive steps to shut them down.
This module dig deep enough to find all sorts of credit card data online. This module can dramatically reduce losses from theft and fraud of credit cards. The service retrieves stolen credit card data and provides information to help organizations mitigate the damage.
MEEZA’s Managed Web Application Firewall is a managed security service providing inline web application protection by detecting and blocking potential threats from reaching Customer web applications. MEEZA managed web application firewall is a special type of application firewall that applies specifically to web applications. It is deployed in front of web applications and analyzes bi-directional web-based (HTTP) traffic – detecting and blocking anything malicious.
MEEZA’s threat hunting is professional service from MEEZA’s expert security team, the service is designed to find evidence of compromise and network-based anomalies, whilst also providing practical recommendations. Every threat hunt is tailored to the client’s infrastructure, existing policies, procedures, and priorities with regards to Cyber Security.
MEEZA’s forensics investigation is professional service from MEEZA’s expert security team. Our Digital Forensics Team combines up to date, network analysis and inspection capability to investigate any damage, facilitated by a cyber-attack. Applying evidential practice where necessary, MEEZA supports cybersecurity and internal corporate incident investigations and can also assist to come up with a disaster recovery plan.
MEEZA’s Pen Testing is a key Professional Service within the Security portfolio. Our Pen Test experts can support you in the identification, remediation, and/or risk management of vulnerabilities across your applications, infrastructure, and computer information systems. Our Pen Testers have deep industry knowledge, experience, qualifications, and certifications. Full independent Pen Testing.