"... I was immediately back in business! As always, Endsight was very helpful and courteous."
Quote by Loretta D
Security Products & Services
Security is built into the very fabric of everything we do in relation to managing IT. Endsight has been recognized as an industry leader in security several years in a row by winning the CRN's Managed Services Provider 500 award in the Security 100 category. The following are our products and services related to security.
- Endpoint Antivirus
- Asset Management and Vulnerability Scanning
- First-Party Patching (FPP)
- Third-Party Patching (3PP)
- Security Dashboard
- Email Protection
- Web Filtering
- Endsight Security Fundamentals Review
Endsight Recommended Security Enhancements
- Managed Threat Response
- Phishing Testing and Training
- DNS Protection (with reporting)
- Inbound DNS Proxy
- Intune/MDM Policy Setup
- Annual vCISO Review
Security Additions and Services
- Customized Security Awareness Training
- SaaS Protection/Endpoint Backup
- Web and Application Control
- Azure Cloud Protection
- Server Disk Encryption
- Data Loss Prevention
- DMARC Reporting
- IR/BCP/DR Plan Testing and Implementation
- SEIM (Log Aggregation/Correlation and Analysis)
- Penetration Testing
- Policy Writing and Review
- Regulatory Compliance Review
Products Included in All Plans:
Endpoint Antivirus
The antivirus application, standardized and installed by Endsight, serves as the first line of defense between your data and the threat actors attempting to exploit it. Endsight uses the latest Next Generation detection products to not only prevent but to hunt down threats as they appear. This tool is not just a shield, but a potent sword. Our offering is bolstered by Artificial Intelligence and enhanced by a system of global telemetry, enabling it to learn about emerging threats within seconds of their release, from anywhere in the world.
Asset Management and Vulnerability Scanning
Endsight leverages non-invasive scanning technology to generate real-time lists of workstations and servers. From there, our tools analyze all software present on each endpoint and compare versions found to master databases of Common Vulnerabilities and Exposures (CVE). Endsight uses our tools to correlate this information against a repository of over 200 supported software packages, making sure systems stay updated to their latest compliant versions without manual intervention.
First-Party Patching (FPP)
Out-of-date operating systems are nearly always the vehicle cybercriminals use to expand a successful security breach into a widespread outbreak. Endsight software agents configure and deploy specific management modules which ensure endpoints are always up to date and supported while giving our engineers centralized management and reporting tools. We also support all current Mac products, allowing us to manage and maintain appropriate OS levels for Apple devices.
Third-Party Patching (3PP)
Used in conjunction with our vulnerability scanning tools, our Third-Party Patching (3PP) leverages an approved software repository of over 200 commonly used and supported applications. Endsight management tools then identify out-of-date versions and deploy patches and updates automatically when needed, within a maintenance window of your choosing. For software outside of the approved list, our account managers can work with you directly to create a customized package.
Security Dashboard
The Endsight Security Dashboard introduces accountability and visibility into your stack of protection tools. The Dashboard, built using Microsoft’s Power Platform suite, gathers measurable statistics like patching levels, antivirus deployment status, or even Operating System versions. The Dashboard connectors also extend into the “cloud” to gather even more security related information from Microsoft 365 and Azure platforms. This data rolls up into a secure digital format that is available on demand, online, at any time.
Email Protection
Email is the number one way malicious software enters a protected environment. Threat actors have become extremely sophisticated at exploiting this platform. Endsight has leveraged our long-term partner status to include email security solutions based on Microsoft 365 Defender. The email protection policy tuning and monitoring is included for managed clients with a new or current M365 Business Premium or equivalent subscription. Non-M365 customers can take advantage of an alternative, hosted offering that is set up and deployed by our Professional Service engineers.
Web Filtering
Email protection is just one layer of your online defenses. Endsight also includes Web Filtering services to every client under an agreement. The Web Filtering service provides three key defensive functions:
- Removes the ability to access all known malware sites
- Restricts traffic from unknown software and invalidated IP addresses
- Removes access to command-and-control servers which are used by threat actors to infiltrate vulnerable systems
Endsight Security Fundamentals Review
Our security team has curated a specific set of questions and data points to evaluate in a performance review. These questions are integrated into our general technology review to ensure that our partners have a good grounding in the standard cybersecurity fundamentals. Items like MFA adoption, EDR/MTR adoption, and phishing training are all included, as well as a deeper dive into specific issues like lifecycle management. These questions combine with the Security Dashboard to help partners have a good handle on the basics of cybersecurity as well as a plan to get beyond just ‘the basics’. These reviews are included in all of our plans that contain IT strategy consulting.
Endsight Recommended Security Enhancements:
A layered approach to safeguarding your digital assets is proven to be most effective. A well-built stack of tools, designed to be layered on and in support of one another, forms the basis of our Security Enhancement recommendations.
Managed Threat Response
Endsight’s Managed Threat Response (MTR) service directly leverages the virtual muscle of our core endpoint antivirus product. This product is then further enhanced with an Endpoint Detection and Response (EDR) toolkit to gather extensive forensic information about each endpoint AND the systems around that endpoint. Within seconds of a threat detection, the EDR tools alert a 24/7 Security Operations Center (SOC) staffed with experienced security professionals (MTR Team) who take immediate action on your behalf. The MTR Team remains on top of the incident until the threat is contained or removed. Furthermore, the MTR Team gathers all necessary data about the cause and extent of the incident for remediation services, law enforcement, or insurance investigators.
Phishing Testing and Training
Endsight Phish Testing uses some of the same techniques used by threat actors. But instead of deploying those techniques to trick end users and infiltrate your network, we leverage them to educate your employees. Once staff members begin a Phish testing campaign, a discreet series of emails is sent, meant to bait users into clicking “dangerous” links. If a user gets caught in the phish net, they are provided access to a short training course explaining what to look out for the next time around. Content and duration of campaigns are entirely customizable.
DNS Protection (with reporting)
The Domain Name System (DNS) is simply the method used to determine where data traffic is supposed to go when two or more systems try to communicate. Endsight DNS Protection restricts traffic, thus communication, to certain areas of the Internet. The tool can reduce points of attack used by threat actors by removing their ability to reach your systems or exfiltrate data. The actions here occur at the DNS level, effectively extending your defenses beyond the computer or office.
Inbound DNS Proxy
Once subscribed, Endsight registers your company DNS records with a preferred DNS provider. From there, we configure a DNS proxy service for any public facing Internet resources like a company website or on-premises email server. The DNS proxy service acts as a gatekeeper against malicious traffic from SPAM domains or DDoS attacks while ensuring legitimate traffic is passed along. This same solution is in use today by most major banking institutions, the FBI and many other branches of the Federal government.
Intune/MDM Policy Setup
In the face of an increasingly decentralized workforce, the insurance industry and regulatory bodies recommend organizations manage their endpoints centrally. To accomplish this, Endsight:
- Designs a customized Intune/MDM Policy and enrolls all company managed endpoints in Microsoft Azure
- Deploys the tools to configure hundreds of settings on enrolled devices, instantly and globally
- Achieves a level of management and security hardening beyond any industry or insurance requirements
We can even take this a step further by using Intune/MDM policies to configure and deploy new company workstations prepared with all required software and settings within minutes.
Annual vCISO Review
The Endsight vCISO (virtual Chief Information Security Officer) is a highly specialized role. During an engagement, the vCISO is responsible for understanding, reviewing, and aligning your information resources with your specific security goals. The vCISO’s activities include:
- Reviewing the current environment
- Updating appropriate technologies to approved current standards
- Presenting findings and facilitating a planning session with your company representatives
The annual vCISO review is performed by individuals holding best-in-class industry certifications. Our process ensures your organization stays up to date and compliant, while eliminating security gaps as your organization evolves.
Security Additions and Services
Every company is different, and security is not one size fits all. Endsight offers a selection of Security Additions designed to bolster your level of protection or fill a specific security function.
Customized Security Awareness Training
Security Awareness Training tailored to your specific needs and industry bridges the gap between intention and reality. This education goes far beyond the normal phishing campaigns or security alert emails. Endsight Security Awareness Training is designed to dive deep and introduce the concepts of effective security “hygiene”.
SaaS Protection/Endpoint Backup
Endsight backs up individual workstations, in addition to central file and data repositories, for increased data security for a distributed workforce.
Web and Application Control
We provide security for web applications developed for partners. Endsight protects and firewalls custom-developed web applications to enhance their security.
Azure Cloud Protection
The Cloud as we know it is a vast array of tools and platforms, each of which has its own security needs and concerns. Endsight can deploy Microsoft’s protection technologies in the Azure environment to further protect the platform and data residing inside from malware and attacks.
Server Disk Encryption
Server Disk Encryption is less common than workstation Disk Encryption. Endsight can assist with the implementation. Certain regulatory bodies (e.g., HITRUST) make this a requirement for on-premises server products.
Data Loss Prevention
As companies decentralize and move services to the cloud, the traditional walls of protection no longer exist. Today the focus is protecting the data itself rather than a branch office or a file server. Endsight can work with you to design Information Protection policies paired with Data Loss Prevention technology at whatever level is appropriate for your situation. All of this ensures your decentralized data stays fully managed, governed and accessible to only the right few at the right time.
DMARC Reporting
DMARC is a reporting mechanism to assist with spam protection and mail flow control. When this service is included, Endsight deploys DMARC reporting to grant increased visibility into mail flow and potential issues to ensure partner mail always flows well.
IR/BCP/DR Plan Testing and Implementation
The ability of a company to contain threats and maintain operations is vital to digital survival. Endsight services enable the creation, maintenance, and implementation of key security solutions including:
- Incident Response – The systems and processes to detect, isolate, and communicate threats to your environment
- Business Continuity – The mechanisms developed to continue to operate your business when the core locations are impacted
- Disaster Recovery – The tools and methods to fall back from a threat condition into normal operations
SEIM (Log Aggregation/Correlation and Analysis)
Security Event and Incident Management (SEIM) allows customers to aggregate logs from many sources, providing a holistic view of network activity and allowing better threat management. This is quickly expanding as a required Cyber Insurance product.
Penetration Testing
The Penetration Test is one of the most powerful and necessary services to determine your level of network hardening. Endsight works with several qualified vendors who perform the testing, manages the teams involved, and presents the results.
Policy Writing and Review
Endsight has a great deal of experience writing information technology policies and plans. We help form the guidelines and standards necessary to develop your regulatory reports. Examples include an Acceptable Usage Policy for HR, an all-encompassing Technology Security Policy, a Data Destruction Policy, and a Clean Desk Policy, among others.
Regulatory Compliance Review
Endsight can provide uplift and guidance through the review process for several regulatory frameworks including:
- CMMC
- NIST
- PCI
- HIPAA
- CCPA
A complete compliance review includes a dedicated Endsight Security Professional working directly with customer stakeholders to identify gaps and plan remediation efforts.