Security Services

The devices that people use to connect to your corporate network (including devices operated by remote users) are secured by a range of protect and respond functions. Syntax has designed its robust MDR (Managed Endpoint Detection and Response) solution to enhance monitoring of devices for security-relevant activities with proactive threat hunting. The entire solution can be integrated with other security infrastructure and provides three key benefits: 

• Simplified threat detection and elimination using best-in-breed technologies combined with the expertise of the security specialists at the Syntax SOC 

• Optimum security efficiency with Alert Mapping within the MITRE Adversarial Tactics, Techniques and Common Knowledge (ATT&CK™) Framework 

• Reinforcement of other elements of this pillar to block malicious activities before they even attempt to connect 

This pillar is designed to create a Zero Trust Network Architecture (ZTNA) – an encrypted end-to-end secure tunnel, for secure user access to all your on-premises, SaaS and web applications that allows you to: 

• Eliminate lateral movement possibilities from connection through application thus minimizing exposure by shrinking your attack surface, including to internal risks. 

• Allow the ability to scale Zero Trust effortlessly, by protecting critical applications or highest risk user groups first, then expanding internet-native ZTNA to your entire operation. 

• Foster a stronger employee experience by allowing teams to securely communicate and collaborate while facing fewer security gateways that might get in their way. 

The third pillar of Syntax Security Services addresses potential risks at the operating system layer. Syntax integrates industry leading technologies that are permanently available to create a service solution that adapts flexibly to your IT environment as it grows and changes, with the following advantages: 

• Response protocol is close to real time, documenting the required measures (current patches, quarantine for priority systems, servers, assets and/or files, removal of installed software, termination of processes, etc.) 
• Automatic capture and analysis of IT, security and compliance data in a scalable, integrated back-end system
• Customisable monitoring functions provided through an Elasticsearch cluster that gives you an overview of all assets, including local systems, endpoints and cloud assets, in seconds 

Consolidated SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation and Response) functions form the fourth pillar of our security posture. These manage all security information and present forensic data when security events occur. You can also generate individually customised reports tied to your business metrics and KPIs covering a range of vital activities: 

• Detailed analyses in SIEM format of data from devices, nodes, endpoints, event logs and other relevant sources, to provide a systematic, consolidated overview 

• Use of SOAR elements to bring together and analyse input from across the entire threat landscape using ML (machine learning) models 

• Automation of routine administrative tasks allowing the Syntax SOC team to concentrated on higher-level analyses, ensuring that new, particularly sophisticated threats are not overlooked