- Cyber Intel Matrix
- MB connectline
- Nozomi netwoks
- Cortex Xsoar by Palo Alto Networks
- Palo Alto Networks
Managed security services
Provided by Black Cell
GENERAL DESCRIPTION OF THE SERVICE
Black cell offers customers its own customizable Managed Security Services (Hereinafter MSS).
Support is available:
- 8 hours / 5 days
- 24 hours / 7 days
- Support is offered in English and Hungarian
Black Cell’s Technical Support Team will respond to and resolve customer submitted problems related to the Product installation, administration and operation in accordance with the Service Level Agreements [SLA], described in this document, in order to:
- Answer general questions not addressed in the Documentation
- Address issues resulting from Product not functioning as described in the Documentation.
- Provide help and guidance regarding the threat detection
- Provide help and guidance regarding extended policy configuration and customer filter optimization.
- Ticketing tool
Depending on the size of the project and the complexity of the implementation, Black Cell will assign Project Manager for the seamless delivery.
Project Manage responsible for the following tasks:
Planning Project Resources (both external and internal)
Assembling and Leading Project Team
Quality and Satisfaction
Managing Issues and Risks
Reporting and Documentation
Key services provided as part of the remote consulting engagement are the following:
- Proactive health check
- Troubleshooting on issues the customer may be experiencing
- Demonstration of best practices for configuring, managing and basic troubleshooting
Performance and feature optimization
Items that are not part of the remote consulting engagement are the following:
- New setup or installation
- Actual deployment of new appliance
- Configuration changes
- Development or modification of custom scripts
- Professional services engagements
Black Cell’s customers receive all the benefits outlined below:
All incidents raised by the customer will be tracked in Black Cell’s Incident Management System with unique reference ID and prioritized according to their assigned Severity Level.
All incidents submitted by the customer are automatically assigned to priority queues within Black Cell Technical Support Team’s incident handling procedures.
Depending on the priority of the Incident, the tickets in the priority queues are automatically routed to Senior Level Technical Support Engineers.
Monitor all customer-raised incidents to facilitate timely, high-quality handling and resolution.
RULE SET MANAGEMENT AND STREAMLINING
Black Cell implements the initial device/software Rule Set developed by the customer that is approved by Black Cell during the implementation phase. The development, migration, and review of Rule Sets and/or Serviced Device/Software policies will be subject to the Change Management process. Customer may request changes to the Rule Set of a Serviced Device/Software. Black Cell evaluates, prepares, and implements changes to the Rule Set of a serviced device/software.
Change Requests are submitted and tracked through the Customer portal by Authorized Contacts registered. Black Cell assigns a unique Change Request number to each Change Request submitted and Customer must use this number in all communications about the Change Request. Black Cell reviews and accepts an RFC in accordance with the Service Level Agreements [SLA].
A named Black Cell Technical Support engineer and Service Delivery Manager who are dedicated to your account and will perform the following:
Conduct monthly Service Performance reviews.
Conduct quarterly customer account reviews.
Partner with you to understand your business and security needs and help you to maximize the benefit from your security solutions.
PROACTIVE COMMUNICATION AND ALERTS
Advanced notification of product enhancements, updates, upgrades and advisories.
Access to the VIP Customer Newsletter, VIP Customer Notification and Black Cell’s Whitepapers
MALWARE ANALYSIS [LAB]
Deep malware analysis
Generates comprehensive and detailed analysis reports.
Behaviour analysis in Windows, Mac OS, Linux, Android sandbox environments for advanced reports.
Fast scan with multiple anti-virus engine.
Send in your suspicious file for sanitization.
Forward your email attachments and get back it sanitized and cleaned.
Scan your file hashes and URLs
- One step ahead of threats
- Check if a file hash ever been marked as malicious.
- Scan any site to get convinced about its safety.
- Scan your own sites for malware injects, hidden redirects and errors.
Depending on the license, Black cell’s Technical Support Team can create tailored (custom) reports based on the following logs (depending on license purchased):
- All events on Customer’s devices/software
- The Events Report provides information about all events on your devices/software.
- Events that require Customer to take action are also shown in the Alerts report.
- A simplified version of the Events log. It shows the malware and potentially unwanted applications (PUAs) that we have detected and blocked.
- Audit Logs: A record of all activities that are monitored by Black Cell MSS Team.
- Data Loss Prevention [DLP] Events Log: All events triggered by data loss prevention rules for computers or servers.
- Message History: The email messages processed by Email Security for Customer’s protected mailboxes
- Message History Report
- Gateway Activity: All the network activity logs associated with Customer’s Web Gateway protection.
SIEM BASED REPORTING
With SIEM integration, Black Cell can improve the Customer’s threat intelligence, detection and response capabilities:
Tailored and better reporting, log analysis and retention
Greater visibility and centralised response
Detecting incidents that would otherwise not be detected
Increasing the efficiency of incident handling
Capabilities of Black Cell’s Security Operations Centre complement security devices/software by leveraging next generation of analytics.
The service includes vulnerability assessment provided by Black Cell’s Offensive Security Team.
A horizontal test, during which Black Cell uncovers, identifies the target system’s weak points that are prone to an attack. An in-depth investigation is not part of the testing, only the validation of the found vulnerabilities.
Types of the Assessment:
- Website / Web application inspection
- Network (LAN, WiFi)
- Mobile application
- Software inspection
Customer can get an extensive picture of the vulnerabilities being present in its system. In addition, Black Cell provides help for fixing the issues.