Last fall, CDW helped one of its clients — the director of information security for a midsized energy firm in the Midwest — deal with a situation that had him frustrated and looking for some advice. He knew that his firm was behind the curve in adopting security technology, putting it at risk of compromise, but he just couldn’t convince the organization’s leadership that the investment in a security refresh would be worthwhile.
After speaking for a few minutes, we suggested that he consider using CDW’s complimentary Threat Check service. This service is designed specifically for technology leaders seeking to understand the current state of their security infrastructure and build the business case for security enhancements. He agreed, and over the next six weeks, we worked together to deploy Threat Check in his environment and gain a snapshot of the company’s security posture.
What Is Threat Check?
CDW’s Threat Check service is a complimentary security assessment that gives customers a quick view into the security posture of their network. The service is designed to quickly provide actionable results without placing significant demands on the customer’s team. When you sign up for the service, CDW’s engineers ship you a preconfigured appliance loaded with our security assessment tools. All you need to do is connect it to your network switch and power it on. The dedicated CDW engineer will take care of the rest. The device will then passively monitor your network, analyzing network traffic for signs of vulnerabilities or malicious activity and then feed this information back to CDW’s team of expert analysts for review.
The Threat Check appliance is loaded with state-of-the-art security technologies that include:
- Cisco Firepower next-generation firewall with advanced malware protection (AMP). This tool analyzes network traffic for signs of compromise, while incorporating important contextual information about users, applications, devices and the current threat landscape.
- Tenable Nessus Network Monitor, which passively observes network traffic for signs of vulnerable systems. By observing the communication patterns of servers and devices, Nessus Network Monitor can identify missing patches, weak configurations and other security issues that require attention.
- Carbon Black’s CB Response tool, which applies advanced malware detection capabilities through sensors deployed on endpoints, identifying active compromises and allowing intervention before new compromises occur.
- Splunk Enterprise, a security information and event management solution that receives information from the other components of the Threat Check appliance and correlates those results for deeper analysis.
Running a Threat Check assessment not only provides you with an evaluation of your current security posture but also gives you an opportunity to test drive state-of-the-art security tools. You’ll be able to preview how these tools might work in your own environment before purchasing them yourself.
Detecting Security Threats in Unexpected Places
When we ran Threat Check at the client’s energy company, the results were alarming. We expected to find some opportunities to improve the organization’s security, but what we found was an active security incident under way. Attackers had installed malware on a server within the company’s network and were using it to steal sensitive information. The security director quickly jumped on this situation to contain the damage and then used the results of the assessment as the leverage he needed to obtain funding for a refresh of the company’s security infrastructure.