|
Perimeter's CounterPhish Service provides clients with the ability to identify phishing attacks and eliminate false websites quickly. Perimeter deploys a well-defined incident management process that employees of clients can easily follow. The service includes escalation to CERT and other authorities and operates on a 24/7 basis. Phishing attacks on weekends and in multiple languages can be addressed, and the service averages a 3-hour take-down time for phishing sites in contrast to a nearly 6-day industry average.
Our CounterPhish Service will monitor the Internet for early signs of a phishing attack. Verification that a phishing attack is underway is quickly completed and notification, if necessary, is provided. The attack is traced, the ISP or hosting provider of the site and domain name services is contacted, and the site is shut down. Once the “false" site has been successfully shut down, the client will be notified, and the site will be monitored for changes continuously for 30 days. Once the case is closed, the collected information will be compiled including all of the data forensic information from the phishing attack. This information will be sent to the financial institution to forward it on to authorities and/or keep it for insurance purposes.
Once the site is identified it is added to the phishing list of the top web browsers (Explorer and Firefox) and are blocked at the browser level going forward.
The service also allows the customer to notify us of a phishing site through our on-line customer portal. These sites are immediately taken down.
Click here to learn more about our CounterPhish Service |
|
|
Pharming Defense Application Services |
|
Perimeter's Pharming Defense Application Services protects your customer's confidential data and your company's reputation from pharming attacks. In a pharming attack, a hacker copies all of the graphics from your website and builds a home page that looks exactly like the real thing. Then the customer is redirected to the fake site, where an unsuspecting user enters ID, password and other confidential information which the hacker will "pharm" for illegal purposes. This is alarming because it usually goes undetected, by both the company and the user, until well after the damage has been done. These attacks prey upon the negligence of an organization, and therefore monitoring your website becomes both a liability and reputation issue.
Perimeter's Pharming Defense Application Services quickly detects a pharming attack so that a remedy can be initiated before any significant harm takes place. The service includes a DNS monitor, an SSL certificate monitor and a web defacement monitor that work together to insure the integrity of a website and web transactions. This real-time service is non-intrusive, easy to install, and provides instant notification of attacks. Click here to learn more about our Pharming Defense Application Services |
|
|
Vulnerability Assessments |
|
Network Vulnerability Assessments are critical in securing an organization’s network. Most organizations perform these assessments annually or quarterly at the most. The difficulty with this level of frequency is that new network vulnerabilities are discovered daily. Since networks often change due to patching, new machine installations, and many other reasons, your vulnerability posture can change just as often. Also, many regulatory bodies recognize the value of vulnerability assessments, including the PCI Council which published the PCI-DSS regulation. With so many reasons to scan, it makes sense to consolidate all these scans inside one easily accessible location that includes scan scheduling, report review, and remediation recommendations.
Perimeter eSecurity offers many scanning services to best fit your needs. Scanning services are divided into the following types: - External - this vulnerability scan uses hardware outside of your network to scan the outside of your network for vulnerabilities. The same web-based portal is included for easy service management and reporting with this service as is included in the Internal service.
- Internal – this option allows you to turn any supporting hardware into an internal scanner that searches for vulnerabilities within your network. The same web-based portal is included for easy service management and reporting with this service as is included in the External service.
- PCI – this external scan is customized to include the required Statement of Attestation and Self-Assessment Questionnaire. In addition to the management and reporting portal, this option provides additional reporting options including an overview of your PCI compliance status and more insight into any areas that may fall out of compliance.
Within each service listed above there are two versions to select from to provide the optimal solution for your needs: - On Demand – this version gives you complete control over scan scheduling and allows you to schedule unlimited scans for unique hosts.
- Managed – this version brings our expertise to you. We will configure and schedule a monthly scan for you. Our security experts will then review the outcome and discuss the findings with you. Additional consulting is available upon request as well.
Click here to learn more about our Vulnerability Assessments
|
|
|
