Threat Vision.
How we support your security solution.
The Threat Vision product suite overview
Threat Vision keeps a watchful eye across your infrastructure, monitoring potential threats to ensure you are secure. We offer a choice of solutions that can be tailored to your needs, provide varying levels of security – all with support available 24/7/365 from our UK-based experts.
The Threat Vision product suite has been developed by our in-house cybersecurity team and is based on high-performance technology housed in our UK data centres. We’re chosen to host some of the UK Government and MoD’s most important services: you’re in the safest of safe hands with ANS.
Threat surveillance
Threat Surveillance provides you with the tools to build multiple lines of defence and ensure that your infrastructure remains secure, facilitating an effective response to cyber threats with rapid detection and device alerts.
Proactively monitor activity across all your devices: Threat Surveillance provides real-time alerts and visibility, along with preventative measures, by collecting, collating and exporting all event log data into ANS’s SIEM platform. Your data is securely stored for future reference and auditing.
Event-driven analysis, mapped to the MITRE ATT&CK framework, detects any indication of compromised security.
The most critical events are highlighted through severity rating so they can be handled first.
Real-time alerting ensures quick detection and enables rapid response, and battle-tested SOAR playbooks ensure the highest level of preparedness.
Benefit from automatic intrusion prevention responses running on your devices, blocking known attack patterns using ANS’s threat intelligence feeds.
Monitor specific files and folders for any changes that will indicate any malicious activity occurring across your infrastructure.
Gain rich insight into how secure your device is with a maturity rating against industry benchmarks.
View all your security metrics through your ANS Portal dashboard, allowing you to focus attention on areas of concern.
Conduct both internal and external vulnerability scanning to detect weaknesses, allowing you to improve your security posture through remediation.
The support we provide
Threat Surveillance comes with full support for its set-up and administrative maintenance plus White Listing and Patching services by the Threat Vision team. This covers the agent.conf, Anubis, reassigning of credits, assigning new credits and fixing/updating services.
(Threat Surveillance primarily uses Nessus and Wazuh: more information can be provided on request)
The Threat Vision team support further information on all alerts that come through via calls, tickets and emails; for instance, providing the client with hashes, exact changes made, functions that made the change and an overall engineer consensus of the cause of the alert.
Full remediation advice similar to Threat Scan’s plus assistance with patching the following infrastructure vulnerabilities:
- Port opening/closing on Host-based firewalls.
- Port opening/closing on dedicated and shared firewalls.
- Package updates and patches.
- Basic configuration changes (Regedit’s, IIS).
- Any patching beyond the above may be done at the engineer’s discretion.
Certifications and accreditation
Always hosted in our UK-based, wholly-owned data centres, a dedicated server from ANS guarantees UK data sovereignty. The epitome of security, our 100% carbon neutral data centres are ISO 27001 and PCI-DSS compliant, with 24/7/365 security monitoring.