Threat Analysis and Risk Assessment TARA | Sangfor TIARA

What is TIARA & MTR?

what is tiara

TIARA & MTR

TIARA

TIARA

TIARA Assessment: preliminary lightweight security posture assessment service, designed to help customers determine the current threat posture of their entire network in a short period of time. TIARA Recommendations: improvement plans and remediation assistance to take the overall security posture to the next level. TIARA is a turnkey service, including Sangfor HW and SW constructed to help customers quickly gain a broad-spectrum understanding of their current threat posture.

MTR

MTR

MTR is an ongoing service designed to conduct comprehensive threat analysis and asset identification. MTR services will boost the effectiveness and efficiency of daily security operations and controls, improve the overall organizational security posture and facilitate the maturation of security operations. MTR Root-Cause Analysis: Sangfor security experts conduct root cause analysis and provide long-term suggestions for improvement. MTR Recommendations: Take advantage of seasoned Sangfor security experts with ties to many different industries and a vast array of experience with the most varied security situations.

What Keeps the CISO’s Up at Night?

What Keeps the CISO’s Up at Night

Value and Benefits - TIARA

TIARA and MTR Provide CISO's...

  • A long-term security posture improvement plan and access security experts to identify root causes of attacks.
  • Business Impact Analysis (BIA) to help management understand the importance of asset prioritization and the business impacts should assets be compromised.
  • Provide lightweight network risk assessment and suggest a course of action to achieve risk acceptance, avoidance, mitigation and transference.
  • Security event correlation and identification of potential threats before they morph into security incidents.
  • A rich security protection experience for any industry or enterprise dealing with potential devastating security breaches.
  • Evaluation of the efficiency and effectiveness of existing security practices and suggestions on how to improve.

Value to CISOs

  • Credible assessment of your current security posture delivered by independent and certified consultants with unbiased opinions.
  • Significantly improve your current security posture by addressing misconfiguration and deploying additional security controls.
  • Improve business continuity and achieve compliance while minimizing legal issues.
  • Improve security benchmark among peers.
  • Significantly improve security operation productivity with minimum investment.  

TIARA Case Study

Customer Profile

In 2018 a mid-sized financial services company, serving the investment needs of large enterprises, SOEs, banks and insurance companies, discovered that two of its virtual servers were infected with two different types of ransomware. Sangfor deployed their Endpoint Secure and Cyber Command solutions.

Existing Security

  • Protection Perimeter Gateways
  • Endpoint Protection
image

Pitfalls of the Traditional Approach

icon

Limited Detection

Traditional FW and AV are limited to known attacks

icon

Narrow Space

FW blind to internal activities & AV limited to managed endpoints

icon

Lack of Security Operations

Protection available without response capabilities

icon

Wide Open

FW is designed to open doors to apps & partners.

  1. Before Deployment

The customer’s IT department reported two incidents of ransomware, and unsure if they had more hidden threat lurking in the system, they called in TIARA.

  1. After Deployment

1 week after Cyber Command was deployed, TIARA uncovered hundreds of servers infiltrated with mining malware, among several other security issues.

Sangfor Helps Customers Improve Security Control

Instead of providing event-based remediation methods, Sangfor’s security consultants perform analysis of all security events, followed by event correlation and diagnosis, identifying the source and root cause of all security issues. Sangfor’s experts provide a Threat Analysis Report (TAR) which includes business impact, security gap analysis, detailed description of the issues and potential impact, and professional long-term remediation recommendations.

The customer implemented Sangfor’s recommendations and remediated all threats and risks identified, thus improving the overall security posture, enabling the customer to meet regulatory compliance standards and raising the overall security capability maturity ranking.

image