Solutions By Design – Defensive Cyberspace Operations Service Provider
Solutions By Design - Defensive Cyberspace Operations Service Provider
|Company size (employees)||100 to 499|
|Headquarters Region||North America|
Solutions By Design II (SBD) provides unparalleled service in the field of security operations. Driven by highly trained and experienced SBD leaders, engineers and analysts, our team is committed to delivering exceptional investigative analysis and solutions to support the customer’s defensive cyber operations while maintaining situational awareness. Our multi-faceted approach includes:
• Vulnerability Management: SBD currently performs 5 million+ weekly scans and 1 million monthly virus scans resulting in over 5,800 handled malware events.
• Big Data: Our Big Data approach ingests 400GB+/day monitoring cyber-security events across 55,000+ host devices. Leveraging this information provides better threat pictures and their security risks to our clients.
• Vulnerability Hunting: SBD has a targeted focused operations group that is specifically looking for anomalous events on the network. This specialized service addresses in depth analysis and serves as front line for APT prevention.
• Insider Threat/Behavior Analytics: SBD built out a user monitoring solution that targets high risk users while still meeting privacy considerations. This is focused on leveraging behavioral analytics instead of a “boil the ocean” approach.
• Cyber Threat Intelligence: SBD is performing Cyber Threat Intelligence reviewing a variety of intel sources to provide actionable threat intelligence to our Cyber Defense Teams.
SBD provided analytics and insight to our client’s most critical security data for actionable alerting and reporting. SBD directly provided all threat hunting capabilities and was responsible for identifying penetration tests, identifying cloud intrusions, and correcting fatal security misconfigurations routinely. SBD’s approach to evolving Security Orchestration and Automation Response (SOAR) allowed for the continued automation of cybersecurity development of an erasure process for data spills. This resulted in SBD automating 90% of Tier 1 activities resulting on over 9 million dollars in cost savings for our clients. Beyond the cost savings this has improved response time and provided better situational awareness to our client’s decision makers.
How we are different
- SBD has been exceptionally successful developing and maintaining a cyber event research team used to conduct “deep-dive analysis” on cybersecurity threats to our customers’ enterprises. Our team is well-versed in incident research techniques including identifying potential malware, extracting samples, detonating threats in a sanitized “Out of Band” environment, capturing IOCs, implementing IOCs into enterprise security tools, and developing reports to document all aspects of the research process. As an example, SBD implemented a new enterprise phishing reporting solution providing users the ability to quickly alert the SOC of phishing emails. This led to increased reporting of phishing emails providing data to implement blocks preventing similar emails from entering the enterprise.
- SBD applies its understanding of system architecture and design components, vulnerability data, and current trends in exploitable weaknesses to analyze and interpret the data to identify potential threats. Specifically in our effort to develop a comprehensive set of ~ 10 Splunk Dashboards to support a minimum standard for audit log reviews, we have identified and escalated risk events previously undetected. By consolidating log data across all system layers data and applying key search criteria, these risks are readily identifiable and once known can be remediated accordingly. The implementation of a minimum standard brings the first layer of insight into vulnerabilities in our systems and enables further diagnostics and discoveries.
- SBD specializes in cybersecurity services, utilizing an Information Technology Infrastructure Library (ITIL) Service Portfolio approach providing a wide range of dedicated cyber services that focus on maturing an organization’s cyber posture. This has enabled us to take an Agile approach to cybersecurity, making consistent incremental improvements that adjust to our customer’s critical issues while working towards our customer’s Chief Information Security Officer’s (CISO’s) vision. SBD is currently utilizing this approach monitoring over 35,000 global users and over 55,000 endpoints.