The Spear Blog

Integrations: The next evolution in the Spear Shield portfolio

Written by Max Harper | 27-Jul-2023 09:51:29

"The Spear Shield portfolio has taken another 'level-up' as our technology partners continue to find new ways of sharing telemetry and integrating with one another..."

Integration level-ups!

The Spear Shield portfolio has taken another 'level up' as our technology partners continue to find new ways of sharing telemetry, integrating with one another and providing our mutual customers the benefits that comes with building their holistic security eco-systems.

Spear Shield Vendors be like....

First up: Sophos and Microsoft

Many organisations utilise the Microsoft Security suite but lack the in-house expertise to use Microsoft's multi-product technology to be able to detect, investigate and respond to the hundreds of security alerts received every day.

Introducing... Sophos MDR for Microsoft Defender!

Want the benefits of a cybersecurity as a service approach with a managed SOC without having to rip and replace your existing security investments and re-invent the wheel?

Extend your internal resource with a 24/7 team of highly skilled security experts who will monitor, investigate, and respond to Microsoft Security alerts (and other 3rd party telemetry sources) and perform human-led response actions to help keep your business secure. 

The classic, age-old security salesman question:
"What's the thing that keeps you up most at night???"

Time matter's when you're under attack...

The longer an adversary is in your environment, the greater the probability they will achieve their objectives.

The Sophos MDR Ops Team is crushing the industry averages in response times:

Time to detect: 1 Minute
Time to investigate: 25 Minutes
Time to Remediate: 12 Minutes

Attacker Dwell Time

Incident data from the Sophos MDR team shows that the length of time attackers spend in victim networks ("dwell time") is increasing due to, in part, the techniques adversaries are employing to evade and prolong detection. With the response times we've just seen above, Sophos MDR can help dramatically reduce the dwell time available to attackers, usually measure in minutes, not hours or days.

Next up... Human Risk Management by Egress!

Unlike any other solution on the market, Egress generates an aggregated human risk score for each employee in your organisation by augmenting product telemetry, open-source intelligence, and behavioural data with threat data taken from any third-party security application via a two-way open API.

Example: Spear Shield Managed Phishing Simulation Service or our partners KnowBe4 feeding a user's phishing simulation results into a user's risk scoring to contribute to their risk profile.

It's time to reset user awareness training expectations...

The metrics behind building an employee's risk profile

Egress Human Risk Management takes into account (today!) x5 key metrics.

1. Inbound Risk - how often is this user being targeted with dangerous emails
2. Outbound Risk - how is this user interacting with dangerous emails? 
3. OSINT - does this user have any credentials exposed on the dark web
4. SAT - how susceptible is this user to simulated phishing tests
5. Intrinsic Risk - how long as the employee been with the company, what's their seniority and tenure in the business

Automating user controls based on an employee's risk scoring...

The next evolution of this is when a user's risk score reaches a higher risk threshold, products in the Egress Security suite automatically adapt their controls to help mitigate risk of your highest risk user's against advanced phishing threats, human-error and data exfiltration attempts. 

 

All sounds awesome. I'd like to learn more...

MDR for Microsoft Defender
Spear Shield are an award winning Sophos partner and Microsoft partner and have extensive experience helping organisations build internal business cases to adopt a SOC as a service approach. To learn how a Managed Detection Response can benefit your organisation and help utilise your existing security stack, speak with a member of the team today.

Egress Human Risk Management
Interested in understand the human-risk in your organisation?

Spear Shield are currently running a FREE Email security assessment. Over a 2-week period, we can give you insight into:

  • How many dangerous emails are slipping through the net
  • How susceptible your users are to phishing attacks
  • An understanding of the effectiveness of real-time teachable moments to help change user security behaviours at the point risk

Set-up is simple, there's no agents, minimal resource is required PLUS it includes x2 FREE Managed Phishing Simulations.

If you'd like to learn more, you can schedule a session with a member of the team today or contact the Spears at:

hello@spearshield.co.uk

01473 948980

Don't just take our word for it!

Check out some of recent customer success stories below.

About Spear Shield

Here at Spear Shield, we are continuing to invest in our goal to create one of the most cyber-secure client communities in Suffolk, East Anglia and across the UK.

Our approach is to work closely with IT teams and business leaders to help identify cyber risk, understand core business drivers and challenge the conventional approaches to legacy cybersecurity strategies to enable our customers to exceed their cybersecurity goals.

Spear Shield has a portfolio of award-winning cybersecurity solutions and services that we align to enable our customers to be able to solve even the most complex and advanced cybersecurity challenges.

The team at Spear Shield specialises in:
- Identifying and mitigating human-activated cyber risk 
- 24/7 Cybersecurity as a service - Managed Detection Response (MDR)
- Attack surface management with pro-active vulnerability management


If you would like to learn why organisations are choosing to secure with Spear Shield, please do contact a member of the team to arrange a confidential conversation today.

The team has several year's experience working within both the private and public sector, have a very consultative approach and would welcome the opportunity to learn more about your organisation.