Menu
If you suspect an active attack on your business, call our emergency hotline at: 612-399-9680
If you suspect an active attack on your business, call our emergency hotline at: 612-399-9680
Vulnerability Management / Testing
Enterprise Cybersecurity
Get a FREE 30-Minute Cybersecurity Consultation
Battle-hardened Cybersecurity Experts
CHAT LIVE WITH A CYBERSECURITY EXPERT
Next-generation Vulnerability Management (VM) and Testing
CHAT LIVE WITH A CYBERSECURITY EXPERT
Is your company ready to respond to a cyber attack? Our VM services keep you protected 24/7 with on-going vulnerability assessments and device monitoring. Get a free 30-minute consultation call with our CEO, Joe Kingland, and discover how to safeguard your company from cyber attacks.
- Experience with HIPAA, HITRUST, PCI-DSS and NIST Cybersecurity Framework
- Your #1 Choice for Battle-hardened Cybersecurity Rescue & Protection Services
Discover how well your cybersecurity program is working.
It’s not enough to know which vulnerabilities exist within your organization. Knowing doesn’t protect you from an attack, and it often doesn’t meet compliance requirements. Vulnerability management addresses what happens after your network and application vulnerability scans take place. It not only identifies the vulnerabilities, but also prioritizes them and shows how your vulnerability program is performing over time.
Vulnerability Management from Blue Team Alpha provides guidance and reports that let you see trends, so you can accurately assess how well your company is performing when it comes to cybersecurity. These reports allow you to identify where more resources are needed to shore up defenses against an attack and whether you are meeting certain compliance requirements.
Vulnerability Management from Blue Team Alpha provides guidance and reports that let you see trends, so you can accurately assess how well your company is performing when it comes to cybersecurity. These reports allow you to identify where more resources are needed to shore up defenses against an attack and whether you are meeting certain compliance requirements.
Here are a few recent cybersecurity cases we handled...
Phishing and Ransomware
An attacker gained access to a logistics company’s VPN network through a phishing email scam. The attacker went undetected for months, wired approximately $300,000 from the company’s bank account into their personal account, and set off a ransomware attack that encrypted all of the company’s computer assets. BTA set up camp on site and devoted more than 300 man hours. We had the business back up and running in just three days and reimaged 300 workstations in five days.
Business Email Compromise (BEC)
The President of a construction company realized he wasn’t receiving financial emails from clients. He contacted his MSP to investigate, and while they did find and remove some suspicious email forwarding rules, they did not find them all. The attacker attempted to steal money from a client, but fortunately the wiring instructions contained an error, which alerted the company that the attack was still ongoing. The BTA team came in and was able to identify and remove the well-disguised email forwarding rules. We implemented measures to harden the company’s email service and validated that the attacker had not gained access to anything other than email.
Advanced Persistent Threat (APT)
A manufacturing company realized they had unknowingly been under attack for months when $700,000 was moved out of their company bank account in error. They then realized they also weren’t receiving payments from some customers. It turns out an attacker was rerouting payments to a personal account. BTA was called in for rescue services. We evicted the attacker, delivered containment, and the company has not had another cybersecurity issue in more than 12 months since following our remediation recommendations.
Ransomware
A company that produces point-of-sale systems for major retailers was the victim of a ransomware attack. Roughly 90 percent of their 100 servers were encrypted by the attack, and they actually saw the attacker at work trying to delete their backup jobs. In this emergency situation, the BTA team went to a 24-hour schedule to contain the outbreak and limit further damage. We took their entire production environment offline and restored everything from their SAN snapshots. We evicted the attacker, changed all of their passwords, conducted a full Office 365 review, and got them back up and running within a work week.
Vulnerability Management Service Levels from Blue Team Alpha
LEVEL 1
- Co-Managed vulnerability management tooling
- Monthly internal credentialed and uncredentialed scanning
- Monthly external uncredentialed scanning of infrastructure hosts (Web Application Scanning sold separately)
LEVEL 2
- Co-Managed vulnerability management tooling
- Monthly internal credentialed and uncredentialed scanning
- Monthly external uncredentialed scanning of infrastructure hosts (Web Application Scanning sold separately)
- Analysis and prioritization of identified vulnerabilities
- Vulnerability management program documentation
- Organization and participation in client vulnerability management meetings
- Monthly vulnerability program review
- Vulnerability management policies and documentation
LEVEL 3
- Co-Managed vulnerability management tooling
- Monthly internal credentialed and uncredentialed scanning
- Monthly external uncredentialed scanning of infrastructure hosts (Web Application Scanning sold separately)
- Analysis and prioritization of identified vulnerabilities
- Vulnerability management program documentation
- Organization and participation in client vulnerability management meetings
- Monthly vulnerability program review
- Vulnerability management policies and documentation
- Hands-on keys remediation assistance
- Adherence to client’s change control processes and cadence
We're here to help! Give us a call at 612-888-9674 with questions about how we can help protect your business.
