Defence in Depth

Defence in Depth

Defence in Depth from NCC Group helps combat the proliferation of cyber-attacks which are occurring each day. We work with you to understand the risks to which your company is exposed, whether through under-protected infrastructure, individual negligence or malicious insiders.

The growth and ease of connectivity, coupled with the increasing use of personal devices, represents a borderless challenge to those tasked with managing the risk to IT environments and information, meaning solutions are needed that are successful within the entire cyber domain, and not just a specific physical location. 

NCC Group offers a multi-layered, multi-vendor security architecture to provide external and internal threat protection. We offer a range of solutions around network security, advanced malware protection, data control, priviledged access management, secure configuration and mobile enablement.

 

Network security

We protect internal networks and police the network perimeter, establish multi-layered boundary defences deployed between the un-trusted external network and trusted internal networks. NCC Group provides a range of technologies to achieve this:

  • Next generation firewall technologies.
  • Web Application Security 
  • WAN optimisation.
  • Agile IPS solutions.

Advanced Threat Protection

Traditional signature recognition and heuristics are not enough. Attacks continue to evade detection, bypassing point-in-time detection tools (for example sandboxing) in order to reach their target and establish a foundation for subsequent attacks.

Recent attacks have also included an element of subterfuge, bombarding the victim organisation with a DDoS attack, whilst hiding a more advanced, stealth approach amongst the noise.  

NCC Group can provide advanced threat protection across all aspects of an organisations infrastructure.

  • Detection of zero-day exploits, targeted attacks, APTs and other malware which routinely bypass traditional signature based controls.
  • Analysis of high volume binaries and web content delivering high levels of accuracy and protection.
  • Behavioural analysis regardless of ports or encryption, including full visibility into web traffic, and email protocols (SMTP, IMAP, POP), FTP and SMB.

Data control

NCC Group delivers data control offerings to enforce user access to company information and limit the use of removable media.

  • Threat management, regulatory compliance, data governance and secure communications. All based on a common security-as-a-service platform.
  • Mitigation of data control issues, protection of company information through security configuration, vulnerability and file integrity monitoring as well as log and event management.

Privileged Access Management

Management and monitoring of privileged accounts is the foundation of any security strategy:

  • Ensuring that only authorised users can gain access to authorised devices.
  • Controlling the activities that a privileged user can perform.
  • Securing contractors, auditors and third parties to device access on company, controlling which activities can be performed.
  • Preventing credential leakage of device administration credentials.
  • Monitoring what privileged accounts are doing, for security and audit purposes.

Contact us