Enhanced detection and response services delivered from cloud

Tata Communications’ enhanced detection and response services are built to address the ever-changing cyber threat landscape to support digital transformation. Our MDR platform is part of a comprehensive threat management solution that is powered by industry-leading platforms and home-grown solutions. With collective learning of a decade of experience in managed security services, this platform brings in efficiencies to reduce mean time to detect, qualify and respond for multi-stage attacks by introducing automation through AI and ML capabilities.

Our SIEM service offers security event detection and rapid incident response capabilities. The result? It enables compliance and at the same time provides an integrated, centralised view for visibility into attacks against your infrastructure, providing intelligence and insights for mitigation against these threats. Our threat management services have a security-as-a-service model bundled with a centralised, cloud-based SIEM installation and on-site that enable us to tailor a solution specific to the size and scope of your enterprise environment.

UEBA solutions use analytics to build the standard profiles and behaviours of users and entities (hosts, applications, network traffic and data repositories) across time and peer group horizons. Activity that is anomalous to these standard baselines is presented as suspicious, and packaged analytics applied on these anomalies can help discover threats and potential incidents. The most common use cases sought by enterprises are detecting malicious insiders and external attackers infiltrating their organizations (compromised insiders).

Security Orchestration Automation and Response (SOAR) is a combination of technical capabilities and built-in processes to automate manual and time-consuming security analysis/management tasks. SOAR, as part of our threat management solutions, is based on a highly efficient, secure and scalable platform. By subscribing to this service, the customer will have access to industry best practices for protection against advanced persistent threats, reduced administrative complexity, reduced cost and mean time to respond.

Cyber Threat Intelligence as a service is a proprietary intel platform, which delivers contextualized feeds and advisory to customers. It is a centralized repository of Indicators of Compromise (IOC), that would also be used for IOC enrichment and to provide context. To supplement and enhance this intel platform and service, Our Global threat intelligence with visibility to 100K indicators of compromise significantly improves the accuracy & response time

Deception technology is a revolutionary new way to detect the stealthiest cyber-attacks. With this offering, the attacker must get his attack right every time to remain undetected. With the use of deception, the SOC team is enabled to act on every mistake the attacker makes. It arms a customer with an arsenal of digital tripwires to turn the tables on even the most advanced hackers. It involves creating a knowledge gap for attackers diverting and slowing them down in their quest for information and at the same time, knowing what attackers desire creates the opportunity for an active, intelligent defence to lure, detect, and defend.

Tata Communications’ threat management services deliver threat hunting as active cyber defence activity by proactively and iteratively searching through the network to detect and isolate subtle threats that evade existing security layers. Instead of passive intrusion detection, Threat hunting should be leveraged for: ✓ Malware stealth: Passive intrusion detection doesn’t work because of the stealthy techniques used by cybercriminal organizations and the malware they produce. Today’s malware can easily evade antivirus software through polymorphic techniques. ✓ Evolving attack vectors: Attackers are innovating at a furious rate, which results in new forms of attack that are developed regularly. ✓ Dwell time: You can’t afford to wait weeks or months to learn about incidents. From the moment of intrusion, the cost, damage, and impact from a breach grow by the hour and by the day. The average time to detection of 220 days is no longer acceptable.

Online brand abuse can result in major reputational damage, dilution of the business message, corporate identity theft and lost revenue. The business needs to be aware of such issues and be proactive in terms of potential abuse through implementing cyber threat management services. Brand monitoring is the process of monitoring various online digital channels. Brand abuse has become increasingly sophisticated, more widespread and is often the primary vector to launch more complex attacks on an organisation.