Copyright 2015-2019 - Coordinates

SECURITY ORCHESTRATION

Integrated stack of advanced security solutions that enables the delivery of Cyber Security Managed Detection & Response services for our clients.

cor. Orchestration and Automation Mechanisms

The cor. distributed architecture allows us to offer scalable monitoring across our clients' infrastructure, regardless of the technology used in their datacenters or remote sites.

cor. Local is deployed at the client site for advanced on-premises correlation and data residency compliance.

A unidirectional threat intelligence feed is pushed from our data centers to cor. Local subscribers, allowing detection of the latest threats occurring worldwide.

Event log concentrators are deployed at all remote sites and compress events at a high ratio before sending them to the main cor. appliance for event correlation, minimizing the impact on the client's inter-site bandwidth.

Capabilities

Alert across different sources of detection

Define customizable Security workflows with and without human intervention

Offer additional layers of event correlation

Automate playbooks for accelerated Incident Response

Streamline Security processes through machine-powered

Integration with virtually any security device or critical information asset

How does cor. Automation Process help?

Sample Scenario: Failed User Logins

Current Drawbacks:

  • It’s possible for attackers to brute-force their way into accounts by obtaining the email address and resetting the password 

  • Tricky behavior to preempt because there are high chances of it being a genuine employee resetting their password

  • Constant communication between end users and SOCs to separate the anomalies from the usual is critical.

With cor. Security Automation and Orchestration

While most Security Service Providers enforce their own technology stack to enable their Managed Security Services framework (monitoring, detection for response, and remediation), the Coordinates Security Automation & Orchestration platform allows our clients to maintain their current investments in their various security products, including but not limited to SIEM, endpoint technologies, and Vulnerability Assessment Management, among others.

 

Furthermore, the cor. platform allows us to:

  • Automate low-level, time-consuming tasks so that our security architects can focus on more serious indicators of threats and exploits

  • Cut down investigation time significantly by automating the retrieval and correlation of logs from across security systems (current & historical), without the legacy requirement for analysts to switch between tools, screens, logs, and various security products.

  • Provide triage recommendation services for our analysts to act upon.


8500%

Attacks involving cryptojacking increased by 8,500 percent in 2017.

90%

of all email is spam and viruses

88%

Clicking links within email accounted for 88% of all reported phishing

130

There are over 130 large-scale, targeted breaches in the U.S. per year, and that number is growing by 27% per year

$2.4M

The average cost of a malware attack on a company is $2.4 million

$5.0B

Ransomware damage costs exceeded $5 billion in 2017, 15 times the cost in 2015.