MSS and Integration

Vendor competencies

Sophos
RevealedThreats
FireEye
Imperva
Vectra
Flowmon
Cyberark
Demisto
Splunk
QRadar
Devicelock
Forcepoint
Nexpose
Acunetix
Metasploit
Recorded Future
Palo Alto

MANAGED SECURITY SERVICES

PROVIDED BY BLACK CELL

GENERAL DESCRIPTION OF THE SERVICE

Black Cell offers customers its own customizable Managed Security Services (hereinafter MSS).

  • Support is available:
    • 8 hours / 5 days
    • 24 hours / 7 days
  • Support is offered in English and Hungarian

Black Cell’s Technical Support Team will respond to and resolve customer-submitted problems related to the Product installation, administration and operation in accordance with the Service Level Agreements [SLA] described in this document, in order to:

  • Answer general questions not addressed in the Documentation
  • Address issues resulting from the Product not functioning as described in the Documentation
  • Provide help and guidance regarding threat detection
  • Provide help and guidance regarding extended policy configuration and customer filter optimization.

Communication method:

  • Ticketing tool
  • E-mail
  • Phone

IMPLEMENTATION

Depending on the size of the project and the complexity of the implementation, Black Cell will assign a Project Manager for seamless delivery.

The Project Manager is responsible for the following tasks:

  • Planning Project Resources (both external and internal)
  • Assembling and Leading Project Team
  • Time Management
  • Quality and Satisfaction
  • Managing Issues and Risks
  • Monitoring Progress
  • Reporting and Documentation

CORE SERVICES

REMOTE CONSULTING

Key services provided as part of the remote consulting engagement are the following:

  • Proactive health check
  • Troubleshooting on issues the customer may be experiencing
  • Demonstration of best practices for configuring, managing and basic troubleshooting
  • Performance and feature optimization

Items that are not part of the remote consulting engagement are the following:

  • New setup or installation
  • Actual deployment of new appliance
  • Configuration changes
  • Development or modification of custom scripts
  • Professional services engagements

TROUBLESHOOTING

Black Cell’s customers receive all the benefits outlined below:

  • All incidents raised by the customer will be tracked in Black Cell’s Incident Management System with unique reference ID and prioritized according to their assigned Severity Level.
  • All incidents submitted by the customer are automatically assigned to priority queues within Black Cell Technical Support Team’s incident handling procedures.
  • Depending on the priority of the Incident, the tickets in the priority queues are automatically routed to Senior Level Technical Support Engineers.
  • All customer-raised incidents are monitored to facilitate timely, high-quality handling and resolution.

RULE SET MANAGEMENT AND STREAMLINING

Black Cell implements the initial device/software Rule Set developed by the Customer and approved by Black Cell during the implementation phase. The development, migration, and review of Rule Sets and/or Serviced Device/Software policies are subject to the Change Management process. The Customer may request changes to the Rule Set of a Serviced Device/Software. Black Cell evaluates, prepares, and implements changes to the Rule Set of a Serviced Device/Software.

Change Requests are submitted and tracked through the Customer portal by registered Authorized Contacts. Black Cell assigns a unique Change Request number to each Change Request submitted, and the Customer must use this number in all communications about the Change Request. Black Cell reviews and accepts an RFC in accordance with the Service Level Agreements [SLA].

SERVICE MANAGEMENT

A named Black Cell Technical Support engineer and Service Delivery Manager are dedicated to your account and will perform the following:

  • Conduct monthly Service Performance reviews.
  • Conduct quarterly customer account reviews.
  • Partner with you to understand your business and security needs and help you to maximize the benefit from your security solutions.

PROACTIVE COMMUNICATION AND ALERTS

  • Advanced notification of product enhancements, updates, upgrades and advisories.
  • Access to the VIP Customer Newsletter, VIP Customer Notification and Black Cell’s Whitepapers

ADVANCED SERVICES

MALWARE ANALYSIS [LAB]

Deep malware analysis

Generates comprehensive and detailed analysis reports.

  • Behaviour analysis in Windows, Mac OS, Linux, Android sandbox environments for advanced reports.
  • Fast scan with multiple anti-virus engines.
  • Send in your suspicious file for sanitization.
  • Forward your email attachments and get them back sanitized and cleaned.

Scan your file hashes and URLs

  • One step ahead of threats
  • Check if a file hash has ever been marked as malicious.
  • Scan any site to be convinced of its safety.
  • Scan your own sites for malware injects, hidden redirects and errors.

CUSTOM REPORTING

Depending on the license purchased, Black Cell’s Technical Support Team can create tailored (custom) reports based on the following logs:

  • All events on Customer’s devices/software
    • The Events Report provides information about all events on your devices/software.
    • Events that require Customer to take action are also shown in the Alerts report.
  • A simplified version of the Events log. It shows the malware and potentially unwanted applications (PUAs) that we have detected and blocked.
  • Audit Logs: A record of all activities that are monitored by Black Cell MSS Team.
  • Data Loss Prevention [DLP] Events Log: All events triggered by data loss prevention rules for computers or servers.
  • Message History: The email messages processed by Email Security for Customer’s protected mailboxes
    • Message History Report
  • Gateway Activity: All the network activity logs associated with Customer’s Web Gateway protection.

SIEM BASED REPORTING

With SIEM integration, Black Cell can improve the Customer’s threat intelligence, detection and response capabilities:

  • Tailored and better reporting, log analysis and retention
  • Greater visibility and centralised response
  • Detecting incidents that would otherwise not be detected
  • Increasing the efficiency of incident handling
  • Capabilities of Black Cell’s Security Operations Centre complement security devices/software by leveraging next-generation analytics.

VULNERABILITY ASSESSMENT

The service includes vulnerability assessment provided by Black Cell’s Offensive Security Team.

This is a horizontal test, during which Black Cell uncovers and identifies the target system’s weak points that are prone to attack. An in-depth investigation is not part of the testing, only the validation of the vulnerabilities found.

Types of the Assessment:

  • Website / Web application inspection
  • Network (LAN, WiFi)
  • Mobile application
  • Software inspection

Expected Results

The Customer can get an extensive picture of the vulnerabilities present in its system. In addition, Black Cell provides help with fixing the issues.