In the ever-advancing landscape of cybersecurity, organizations face constant challenges in safeguarding their data. As threat actors become more sophisticated in their attempts to break through your organization’s defenses, protection solutions need to follow suit. This article will review GadellNet’s new security solution, Blackpoint Cyber, and how it will help elevate your organization’s security posture.
What is Blackpoint
Blackpoint is an MDR with SIEM capabilities. MDR, or Managed Detection and Response, is a cybersecurity toolset combining technology and human expertise to perform threat hunting, monitoring, and response. SIEM (Security Information and Event Management) tools collect and sift through large amounts of raw data and logs within a centralized platform. Utilizing behavioral logic, rules, algorithms, and machine learning, a SIEM solution can trigger notifications identifying indicators of compromise. One of the main problems with traditional versions of these solutions is alert fatigue. Determining which alerts matter and then how to respond to each one requires time. And time is of the essence when it comes to a cyberattack.
Blackpoint addresses this problem by offering a fully managed Security Operations Center as a Service (SOCaaS). Their SOCaaS ecosystem delivers nation-state-grade real-time detection and response with efficient log collection and storage. Blackpoint, in essence, is a hyper-efficient MDR solution, boasting proactive threat response and security compliance with the fastest speed on the market.
MDR
Blackpoint’s MDR platform combines network visualization and endpoint security to deliver the fastest response times in the market. Blackpoint MDR harnesses threat intelligence around suspicious or remote activity to catch what other SIEM and EDR (Endpoint Detection and Response) solutions miss. Then, it takes real human action.
24/7 MDR means we can fight back immediately and close the gap between the identification of the threat and action taken to remedy it. The result is rapid identification and neutralization of lateral movement in its earliest stages.
SOC
The Blackpoint Security Operations Center (SOC) can identify and prevent cyber threats in real time. A SOC offers a centralized view to monitor and ensure the performance of an organization’s endpoints, networks, assets, and locations. This 24/7 team is dedicated to monitoring networks, detecting breaches, and responding rapidly to contain advanced threats, with the aim of preventing a compromise of the organization’s security.
Blackpoint boasts an impressive average detect-and-respond time of 16 minutes for on-prem incidents and only 7 minutes for cloud incidents.
Cloud Response
Currently, 79% of organizations view cloud security as their primary challenge and 69% report their cloud solution led to a data breach of some kind. It is undeniable that the cloud is being targeted. Blackpoint finds cloud environments are targeted 9 times more often than on-prem.
To combat this, Blackpoint’s Cloud Response applies MDR to your cloud solution, including Microsoft’s Azure Active Directory, SharePoint, and Exchange along with Google Workspace. That means the 24/7 SOC can see contextual data within your cloud environment and provide immediate and active responses to threats should they arise.
Cloud Response consists of the following abilities:
- Manage your Microsoft Azure AD and Exchange policies
- Control and customize Azure AD, Exchange, and SharePoint event email notifications across a tenant
- Set up alerts for malicious login analytics
- Create detection alerts for malicious email forwarding rules
- Enable the SOC’s ability to disable an account, should a threat arise
- Control and customize individual user event email notifications within a specific tenant, including future travel dates
LogIC
IBM states in their 2023 Cost of Data Breach Report that non-compliance with regulation is one of the top three biggest cost amplifiers. To support organizations in the quest to become, and remain, compliant with security regulations, Blackpoint employs its LogIC solution.
LogIC auto-maps your security products and services against hundreds of compliance requirements all at once, helping clarify where you are in terms of compliance. Its logs are stored as read-only in the different zones with standard AES-256 encryption in compliance with:
- SEC rule 17a-4
- PCI-DSS
- HIPAA/HITECH
- FedRAMP
- EU GDPR
- FISMA
LogIC also includes an auto-answer capability that does the heavy lifting when it comes to the complicated levels and processes employed by most compliance requirements.
Get Started Today
At GadellNet, our commitment to offering top-tier cybersecurity solutions is unwavering. We’re excited to bring you this advancement in our services as we roll out Blackpoint Cyber. This is more than just a software change; it’s a strategic enhancement to protect your digital infrastructure more effectively.
If you have questions about rolling out Blackpoint to your organization, reach out to your Account Manager or Strategic Consultant. Or, if you’d like to learn more about GadellNet’s cybersecurity solutions, contact us today.