MARITIME CYBER SECURITY SERVICE: SENTRIFY

Sentrify is a Cyber Security service designed specifically for the vessel environment and connectivity, and it encompasses three packages to accommodate preferences and compliance policies.

Sentrify incorporates best-in-class third-party endpoint agents, UTM firewalls, and centralized logging while simultaneously being hardware and software agnostic.

A team of security experts oversees the service from a vSOC, consulting on security best practices and responding to incidents on a 24/7 basis. The vSOC coordinates seamlessly and efficiently with any internal security teams.

MANAGED SERVICE

The managed service comprises our customer support agents based in Cyprus and India and a vSOC based in the US. Working in tandem with the customer’s internal security team (if any), our security experts consult on security best practices unique to each vessel and brief stakeholders at regular intervals about the attack surface of the fleet.

Features

  • Security consultancy
  • 24/7 Monitoring
  • Vulnerability Reporting
  • Fleet Security Briefing
  • Incident Response

SENTINELONE AGENT

OVERVIEW

SentinelOne is a proud Leader in the enterprise security market. It has been recognized for its execution and innovation by authorities such as Gartner, and it consistently leads the pack in testing & evaluations conducted by firms such as MITRE Engenuity and SE Labs.

It offers a centralized platform for endpoint management, with minimal traffic to suit Satcom limitations and the ability to function fully offline for up to 14 days.

FEATURES

  • Singularity™ Global SaaS Platform Access
  • Multi-Tenant, Multi-Site, Multi-Group fully customizable with RBAC
  • Singularity™ Marketplace Integrations
  • NGAV Static AI & Behavioural AI Prevention
  • Embedded AI Threat Intel & Threat Indicators
  • Recovery with Patented 1-Click Remediation & Rollback
  • Incident Forensics Reporting
  • Firewall Control
  • Device Control for USB
  • Device Control for Bluetooth® and Bluetooth Low Energy
  • Rogue Device Discovery
  • Application Inventory

RAEDR AGENT

Overview

The RaEDR agent collects data from each managed endpoint, including system logs and reports on vulnerabilities and available remediations. It registers the desired policy of each device and alerts on deviations.

  • Monitoring of all security event data.
  • Analysis and alerting of actionable information.
  • High-frequency vulnerability monitoring of operating systems, installed software and network devices through inventory data and active scanning.
  • Generation of critical vulnerability reports for risk remediation.

Features & Tools

  • Real-time security event management, file integrity monitoring and Sysmon integration
  • Vulnerability management via detection tools that extend to non-network third-party applications
  • Intrusion / threat detection alerting via various methods of secure communication
  • Security Configuration Management based on CIS benchmarks with default to CIS level 1 (customizable).
  • Compliance management capability with real-time proof of working controls
  • Customizable dashboards interface for visibility and monitoring of the security management process
  • Reporting on critical vulnerabilities

RAEDR BOX

FEATURES

RaEDR Box is a VM or physical machine on each vessel that centralizes logging from different sources, including EDRs, switches, firewalls and IoT devices. It uploads relevant data to a cloud SIEM for fleet management and reporting, and it is invaluable in case of an incident. It can identify attack vectors for unmanaged devices such as IoT and network hardware.

RaEDR Box uses RASP (Rapid Attack Simulation PenTest) to identify vulnerabilities and rogue devices on the network.

  • Hosted RaEDR SIEM, which includes bespoke ingestion of data from multiple sources including deployed agents on servers and workstations as well as any third-party API data such as Office365, centralized AVS or any relevant data sources.
  • Remote management of RaEDR agents including upgrades

EXTENDED MONITORING BEYOND ENDPOINTS TO NETWORK DEVICES

  • Creation and assistance in deployment of Virtual Machine/s for localised RaEDR installation
  • Network based scanning and log collection from firewalls and network infrastructure devices
  • API data integration (optional bespoke OT log collection)
  • Cloud service integration (data collection and monitoring e.g. Azure, Office365, AWS, Google)

Customer Support

Our customer support team operates from Cyprus (Network Operations Center), India and the USA (Virtual Security Operations Center).

  • Tier 1: 24/7 Phone and E-mail Support via staffed office.
  • Tier 2: Escalation from Tier 1 for advanced cases.
  • Tier 3: Technical Account Management team for backend administration and innovation.
  • Tier 4: Advanced Security Team