

Cyber Risk Coverage Application

Posted on 2014-08-12
Medium Priority
Last Modified: 2016-03-23
Hi everyone,
This is a second application I'm looking at for an SMB trying to get a Cyber Risk Coverage insurance policy.
All of our SMB clients already have Firewall, Antivirus, Disaster Recovery, etc. But this form is asking for more, and we are struggling to find an affordable solution or solutions.
We need intrusion detection software - I guess Sonicwall ID does not count?
We need event log recording, monitoring and alerting. - We use Labtech MMP, but this is more for system performance things and is limited on how long logs are saved and what is detected.
We need to have a program in place to test and audit network security controls. Would scanning the network perimeter from SecurityMetrics (PCI compliance tester) be sufficient? We can also get a device from them to periodically perform vulnerability scanning.
Can anyone help with advice?
Question by:mavrukin

Accepted Solution

Sean Jackson earned 2000 total points
ID: 40256235
For intrusion detection, I cannot recommend anything stronger than I do OSSEC.  It's open source, easily configured, and it will do any alerting you need, save for making a phone call.

I also recommend setting up an aggregate log system using syslog-ng.  Have all your servers point their logging to a central machine, and that collects everything and reports on anything amiss.  Again, open source.

I recommend putting an instance of Splunk on each of these to create a GUI representation, making it easier for you to see what's going on in your systems.

Yes, SecurityMetrics is good for scanning your perimeter.  They can also help you with your PCI compliance, if that's something you need to worry about.

You can also look at Qualys for external scans, I recommend Acunetix and Nessus for internal scanning.  You can get a license for Nessus and run that internally yourself.  

Based on what you're saying, it sounds like you could use someone to get this all going for you, maybe just to set it all up, but all these tools are what I call 'work amplifiers'.  If you have them in place, you have to have someone working with them to make them really hum and purr.
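
The central syslog-ng collection described in the answer above, sketched as an added example (not part of the original answer). The hostname `loghost.example.internal`, the file paths, port 514 and the failed-SSH-login filter are assumptions chosen for illustration.

```conf
# ---- Central log host: /etc/syslog-ng/conf.d/central.conf (assumed path) ----
# Assumes the distribution's main syslog-ng.conf carries the @version line
# and includes conf.d/*.conf.

# Listen for logs forwarded by the other servers.
# Plain TCP is shown for brevity; the network() driver also supports
# transport("tls") for links that leave a trusted segment.
source s_remote {
    network(transport("tcp") port(514));
};

# One directory per sending host, one file per day, so retention can be
# handled with ordinary file rotation.
destination d_per_host {
    file("/var/log/remote/${HOST}/${YEAR}-${MONTH}-${DAY}.log" create-dirs(yes));
};

# Constructed example of "anything amiss": failed SSH logins from any host
# are copied to a single file that an alerting tool can watch.
filter f_ssh_fail { program("sshd") and message("Failed password"); };
destination d_alerts { file("/var/log/remote/alerts.log"); };

log { source(s_remote); destination(d_per_host); };
log { source(s_remote); filter(f_ssh_fail); destination(d_alerts); };

# ---- Each sending server: /etc/syslog-ng/conf.d/forward.conf (assumed path) ----
# If the main config already defines a local source (often s_src or s_sys),
# reuse that name in the log statement instead of declaring s_local again.
source s_local { system(); internal(); };

destination d_central {
    network("loghost.example.internal" transport("tcp") port(514));
};

log { source(s_local); destination(d_central); };
```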

Author Comment

ID: 40256307
Sean, yes, we could use some help. Can you help us?

Expert Comment

by:Sean Jackson
ID: 40257195
I'd be happy to. I sent you a message.

Author Closing Comment

ID: 40259601
Sean was super helpful. Thank you.

Expert Comment

by:Sean Jackson
ID: 40260803
Thank you, Mavrukin.  Glad to help.

Question has a verified solution.
