Abaxio Managed Security

How can we help you today?

Let's Talk About Enhanced Security

SOC-as-a-Service Response in less than a minute. MSOC+ is an end-to-end software-only solution to deliver a hosted SIEM solution currently unmatched in terms of price and degree of automated response. Takes a big data approach to security intelligence using a next-generation, SIEM platform. Digests and analyzes terabytes of data per day, for all types of security and non-security data from anywhere on the network, anywhere in the world.

Our SOC responds in less than a minute

How about yours?

CFO’s have correctly figured out that outsourcing your SOC makes sense financially. That’s because MSSPs have an enormous advantage in the near-term analysis. The upfront cost of rolling out a functional Security Operations Center are almost entirely eliminated by the fact that the MSSP’s infrastructure and staff are already in place – all the MSSP needs to do is adapt their existing resources to the client’s particular needs.

mSOC
More importantly, however, outsourcing your SOC affords operational efficiencies that in-house operations have difficulty duplicating.

MSOC+ is an end-to-end solution using a combination of proprietary and off-the-shelf software and hardware to deliver a hosted SIEM solution currently unmatched in terms of price and degree of automated response.

MSOC+ is also unique that it is the only hosted SOC service which is backed by up to $500M in coverage by our A+ rated underwriter against a hack, breach or network downtime.

MSOC+

Download the White Paper

Get the white paper on the industry’s leading solution for managed SOC-as-a-Service.  Immediate download, no contact information to enter.

Defender-Detection Defecit

Response Time: Critical for any SOC

Using both standard and proprietary software, Abaxio reduces the time-to-respond of its Security Operations Center (SOC)’s from an average of 30 minutes to less than one minute for 80% of all ‘actionable’ security events.

This reduces the impact of any potential breach, reduces our reliance on human intervention, and increases our service level and reliability.

According to the Verizon 2015 Data Breach Investigation Report, “in 60% of cases, attackers are able to compromise an organization within minutes.”

The graph below highlights one of the primary challenges to the security industry, contrasting how often attackers are able to compromise an organization in days or less (orange line) with how often defenders detect compromises within that same time frame (teal line). Until today, the proportion of breaches discovered within days falls well below that of time to compromise. Even worse, the two lines are diverging over the last decade, indicating a growing “detection deficit” between attackers and defenders.

Cost Comparison

Abaxio prices its Managed SIEM service at less than half that of competing services.

Rhino Security Labs recently published a study analyzing the price differential between in-house vs. managed SIEM.  Their bottom line conclusion was as follows:

SECURITY OPERATIONS CENTERS: IN-HOUSE vs. MANAGED SECURITY*

    Green-Check-Mark
 In-House  MSSP  Abaxio
Upfront Costs**
 One-time MSSP fees  $     32,000  $     25,000
 Hardware and software one-time purchases  $   466,000
Total Capital Expenditure  $   466,000  $     32,000  $     25,000
     
Operational Cost Breakdown, 3-Year Outlook**
Annual MSSP fees  $   525,000  $   300,000
Incidental MSSP costs         20,000                 –
Software License Renewals / Upgrades       255,000
Vendor / Specialist Contractor Fees         65,000
Management Costs       295,000
Training & Certification         34,000
Asset Depreciation / Replacement       175,000
SOC Analyst Salaries & Benefits (2x FTE 24×7)       550,000
Misc. Operating Expenses           8,500
 Total Operational Costs  $1,382,500  $   545,000  $   300,000

* Published by Rhino Security Labs 2015
** Figures are averages drawn from actual RFPs generated by Rhino Security Labs.

Conclusion

Common sense might suggest that MSSPs will have a stronger lead in short-term scenarios, while a longer scenario can favor the in-house approach, but unfortunately this is rarely the case in practice. Prevailing conditions in the technology industry in general, and the cybersecurity industry in particular, tend to favor the MSSP approach even over ten-year timescales. Factors such as the rapid evolution of technologies and the ensuing pace of obsolescence, the difficulty of staff retention, talent shortages and the accompanying cost for employers, and the changing nature of cyber crime itself all tend to weight the scales against long term investments in infrastructure.

.

Next Steps – Let’s Talk

For more information about MSOC+, the industry’s leading managed SOC-as-a-service, please contact:

Louis Allan, Vice President, Business Development
admin@abaxio.com
+ 1 773 575 6800

Checking...

Ouch! There was a server error.
Retry »

Sending message...

Get Set Up on MSOC+ Today

Managed SOC-as-a-Service with Response Time of Less than One Minute.

Spambot blocker question

9 + 9 =

LEARN MORE
Business Continuity Instant Recovery. Abaxio's DRAS-Tek® is a software-only solution that provides point-in-time system recovery of any failed system, either locally or remotely. VMware and Hyper-V certified solution. Operate “business as usual” within a moment, and breathe easier with the time and resources to fully recover without incurring downtime. Automatic monthly testing certifies your Recovery Time Objective meets internal objectives.

What’s the Recovery Time for Your Infrastructure?

DRAS-TEK® from Abaxio is simply the most effect BC/DR product on the market. Why?

DraaSticAbaxio’s DRAS-TEK instant recovery is a software-only solution that provides point-in-time data recovery and speedy restore of any failed system, either locally or remotely. VMware and Hyper-V certified solution.  Operate “business as usual” within a moment, and breathe easier with the time and resources to fully recover without incurring downtime.  Automatic monthly testing certifies your Recovery Time Objective meets internal objectives.

Five Steps | 30 Minutes for True Business Continuity:

DRAS-Tek-Graphic-3

Next Steps: Let’s Talk

For more information about MSOC+, the industry’s leading managed SOC-as-a-service, please contact:

Louis Allan, Vice President, Business Development
admin@abaxio.com
+ 1 773 575 6800

Download Dras-TEK Product Sheet

Get True Disaster Recovery at the Industry's lowest price point

I am promo text. Click edit button to change this text. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.

Size of Server or DataMonthly Cost
First 500 GB$450
Each Additional 500 GB$80
Support 24x7, Includes Setup, and Immediate Access to Level 1 TechniciansIncluded

instantrecoveryInstant Recovery. DRAS-TEK recovers any server instantly on your network or ours providing immunity from any data disaster. Hardware independent, whether physical or virtual, bare metal, any operating system, Windows or Linux.

scalabilityScalability. DRAS-TEK is fully scalable, hardware-less solution. It can be deployed remotely, on any server or workstation, without expensive hardware, at a fraction of the cost and complexity of competing solutions.

fast setupFast, Turn-key  Setup.  DRAS-TEK takes about 10 minutes to configure per server, and our technicians can do it for you remotely at no extra cost.  All data is fully encrypted in motion and at rest.

granular recoveryGranular Recovery for MS Exchange.  DRAS-IX can instantly restore everything from individual email & contact items to your entire Exchange server.  Point-in-time recovery windows from 7 days to 7 years and more to satisfy any internal compliance mandate.

credibilityCredibility.  DRAS-IX is backed by up to $500M by our A+ rated insurance underwriters  against a hack, breach, or network downtime.  Please call for details of the coverage and for a sample policy.

supportFree Support 24×7.  The Abaxio team has the highest rated credentials in the industry.  Let the talent of our 50+ team of security experts go to work for you.  We are online and standing by 24×7.

Checking...

Ouch! There was a server error.
Retry »

Sending message...

Get Set Up on DRAS-Tek Today

Let's talk about true business continuity at the lowest price points in the industry.

Spambot blocker question

4 + 4 =

LEARN MORE
Penetration Testing Resilience. A critical component in a comprehensive approach to cybersecurity. Untested promises of a network’s resilience are no longer sufficient. Real trust is now established via skilled attempts to penetrate a network. Penetration testing identifies organizational weaknesses the same way an attacker would—by hacking it. This enables organizations to better understand and ultimately minimize the risk associated with IT assets.

Abaxio team members possess the most comprehensive security certifications available:

One of the most vital components in a comprehensive, top-down approach to cybersecurity is the Penetration Test, and for obvious reasons: Untested promises of a network’s resilience are no longer sufficient. Rather, trust is established by means of highly skilled but thwarted attempts to penetrate a network. Penetration testing identifies organizational weaknesses the same way an attacker would—by hacking it. This enables organizations to better understand and ultimately minimize the risk associated with IT assets.

The overall goal of a product penetration test is to uncover software vulnerabilities, demonstrate the impact of the weaknesses, and provide recommendations for mitigation.

Today, creating a truly secure IT infrastructure requires access to highly specialized knowledge, intelligence, and expertise in order to stay at least one step ahead of the evolving risks. Because Abaxio is an authority on information security, the MSP can leverage our subject matter expertise to solve these challenging business problems to deliver a higher level of customer service to its customer base.

Meet Our Red Team Leader

vline2-1pxMichael H. is a security consultant focused on the offensive side of security, and Abaxio’s current Red Team Leader. He holds several GIAC certifications (GSEC,GCIH,GPEN,GISP) along with the technical Offensive Security Certified Professional (OSCP) and Offensive Security Wireless Professional. Michael is also eWPT and eCPPT Gold Certified from eLearnSecurity. Primary experiences include Web Application Penetration Testing and Network Penetration Testing. As well, Enterprise Application Development background with ASP.NET (MVC/WebForms/WebAPI) and AngularJS. Michael came from a developer background before finding his passion in Application Security. Having the knowledge to code is essential in taking advantage of poorly written lines of it. He is currently studying for his GWEB Certification and has his eyes set on the CSSLP (ISC2) and AWAE (Offensive Security) Certifications. Experienced SANS Facilitator for several events, Michael is also in the process of becoming apart of SANS Quality Control team for On-Demand content.

Michael holds an A.S Degree in Software Development Technology.

From GIAC:
• GIAC Penetration Tester (GPEN) 10/14
• eLearnSecurity Web App Pen Tester (eWPT) 03/14
• GIAC Info-Sec Professional (GISP) 12/13
• GIAC Security Essentials (GSEC) 11/13
• GIAC Certified Incident Handler (GCIH) 01/12
• Offensive-Security Cert. Prof. (OSCP) 06/10
• Offensive-Security Wireless Prof. (OSWP) 08/11
• eLearnSecurity Cert. Prof. Pen Tester (eCPPT) (Silver/Gold) 12/10
From Microsoft®:
• Cert. Solutions Associate
• Cert. IT Professional,  Enterprise Desktop Support Technician – Windows 7
• Cert. Technology Specialist: Exchange Server 2010, Configuration
• Cert. Technology Specialist: Active Directory, Configuration 09/11
• Cert. Technology Specialist: Enterprise Windows Server 2008, Configuration
From Illinois Department of Insurance:
• Licensed Insurance Producer Property & Casualty (Commercial Lines) for Cyber Liability

LEARN MORE
Vulnerability Scanning Automatic Detection. Automate the life cycle of vulnerability management, assessment reporting and remediation tracking. Driven by the most comprehensive vulnerability knowledge base in the industry, Abaxio delivers continuous protection against the latest worms and security threats without the substantial cost, resource and deployment issues. Verify compliance against internal/external policies like PCI.

Vulnerability Assessment at Abaxio

Abaxio® Vulnerability Management (VM) automates the lifecycle of network auditing and vulnerability management across the enterprise, including network discovery and mapping, asset prioritization, vulnerability assessment reporting and remediation tracking according to business risk. Driven by the most comprehensive vulnerability KnowledgeBase in the industry, Abaxio delivers continuous protection against the latest worms and security threats without the substantial cost, resource and deployment issues associated with traditional software. As an on demand Software-as-a-Service (SaaS) solution, there is no infrastructure to deploy or manage.

Abaxio® VM enables small to large organizations to effectively manage their vulnerabilities and maintain control over their network security with centralized reports, verified remedies, and full remediation workflow capabilities with trouble tickets. Abaxio provides comprehensive reports on vulnerabilities including severity levels, time to fix estimates and impact on business, plus trend analysis on security issues.

By continuously and proactively monitoring all network access points, Abaxio® VM dramatically reduces security managers’ time researching, scanning and fixing network exposures and enables companies to eliminate network vulnerabilities before they can be exploited.

Policy Compliance Monitoring

Scheduled automatic testing to verify enforcement of HIPAA, SOX, SCAP and/or FISMA.

IT security, audit and compliance groups are under constant pressure to help the business comply with multiple regulations, and meet the demands of internal and external auditors. In addition, many regulations contain requirements pertaining specifically to the integrity and security of the IT environment. Using Abaxio’s automated Policy Compliance Monitoring (PCM), an organization can reduce the risk of internal and external threats, while at the same time provide proof of compliance demanded by auditors across multiple compliance initiatives. Abaxio’s PCM provides an efficient and automated workflow that allows IT security and compliance professionals to:

– Define policies that describe how an organization will provide security and integrity.
– Provide proof that the policies have been operationalized.
– Give documented evidence that the organization has discovered and fixed any policy compliance lapses.

Abaxio’s PCM extends the global scanning capabilities of its base Vulnerability Management to collect OS Configuration and Application Access controls from hosts and other assets within the enterprise, and maps this information to user-defined policies in order to accurately document compliance with security regulations and business mandates.

Checking...

Ouch! There was a server error.
Retry »

Sending message...

Let's Talk!

Send us your coordinates, you'll speak to a fully credentialed security expert asap.

Prevent Hackers from Penetrating Your Web Applications

Abaxio® WAS is a Cloud service you use through your browser, so there’s no software to install or maintain. You can accurately and efficiently test your apps, no matter where they are – on internal networks, hosted on the Internet or in Cloud platforms such as Amazon. Relied on by leading companies with some of the most demanding web apps in the world, Abaxio’s WAS will help you safeguard your apps, whether you have just a few apps or many thousands.

Identify OWASP Top 10 Risks

* Complete Web Security with WAF Integration
* No software to install, no upfront investments
* No ongoing maintenance
* Scale seamlessly from a handful of apps to thousands

PCI-DSS Compliance

Abaxio® PCI Compliance (PCI), powered by Qualys, provides businesses, online merchants and Member Service Providers the easiest, most cost-effective and highly-automated way to achieve compliance with the Payment Card Industry Data Security Standard. Known as PCI DSS, the standard provides organizations the guidance they need to ensure that credit cardholder information is kept secure from possible security breaches. Abaxio® PCI Compliance (PCI), powered by Qualys, draws upon the same highly accurate scanning infrastructure and technology that is used by thousands of organizations around the world to protect their networks from the security vulnerabilities that make attacks against networks possible.

Please use the following credentials to login to the report:
username (case sensitive): cFx
Password (case sensitive): cFxh9h5b3

 

Don’t forget to utilize the DRILL DOWN features of the report.
then:
CLICK HERE to see a Sample Vulnerability Assessment…
vline2-1px
Click the Image to Zoom
pci-dashboard

vm-map

vm-exploitablity

LEARN MORE
Cyber Risk Insurance Mitigate Risk. Abaxio is distinct in its recognition among most A+ rated insurance carriers - our clients are protected with financial remediation of up to $500M. A cyber breach is potentially devastating for an organization, and with incidents of hacking on the rise, we are waking up to the reality that protection is no longer optional: The trend for cyber breaches is on the rise. Did you know the out-of-pocket expense for uninsured risks is $3.7M?

Abaxio clients have up to $500M in cyber coverage with enhanced cyber defense

Cyber risks are a fact of life in a world of information and information systems. Any company dealing with electronic data whether it’s on mobile devices,
computers, servers or online faces such risks:–– Data loss due to compromise or human error,–– theft or loss of laptop(s) or thumb drive(s), –– network  or machine failure, hacking, malware, DDoS, etc., the list, unfortunately, is endless.

Standard Coverages for Abaxio Clients:

A sample of the coverages:

  • –Forensic Audit Expenses: Covers security assessment, to determine cause and extent.
  • –– Data Restoration Expenses: Covers restoration, recreation or recollection of electronic data.
  • –– Compliance Penalties: Covers civil fines, penalties imposed by agency, such as HIPAA, PCI, DSS, etc..
  • – Post-event Expenses: Covers event/breach communication such as letters, legal consultation, printing, mailing expenses.
  • Identity Theft Expenses: Covers call center set up, credit monitoring, victim cost reimbursement, etc..
  • –– Network Interruption (Extended Coverage only): Compensation for lost revenue.
How Costly is a Breach?

According to the most recent data available, the hard cost alone for the average cyber breach incident is $3.7M, or nearly $200 per customer record.  The soft costs are even higher. These include lost revenue (due to network interruption), tarnished corporate brand image, etc..

Cyber Coverage: A Universal Need

Every organization’s network needs to remain connected to the Internet without interruption.  As such, inherent risks have become unavoidable: From data loss on a single laptop, to a politically motivated DDoS attack.
The rising frequency of cyber breach is proof that the network and system safe guards currently in place are not enough to keep the attacks at bay.  Because of the overwhelming risk of such attacks, the only effective strategy available is to transfer the risk. Enter, Cyber Insurance.

Willing to Forgo and Take the Risk?

Don’t. According to the most recent data available, the hard cost alone for the average cyber breach incident is $3.7M, or nearly $200 per customer record.1
The soft costs are even higher. These include lost revenue (due to network interruption), tarnished corporate brand image, etc..
Cyber insurance mitigates both the financial and the reputational impact of a breach. It will provide coverage for the entire spectrum, from the data restoral to incident response services, legal and PR management. Of course, more details on the specific coverage are available upon request.

Comparing the cost of cyber policies

A Recent Cyber Quote For Texas Based Litigation Firm:
  • Competing
  • Abaxio Client

Checking...

Ouch! There was a server error.
Retry »

Sending message...

Let's Talk!

Send us your coordinates, you'll speak to a fully credentialed security expert asap.

Name of Company:
Physical Address:  
Contact Info:          
Submitted By:           
Limit Requested:      
Business Description:
                                       
Current Year Revenue:
Previous Year Revenue:




LEARN MORE