TIARA
Threat Identification, Analysis and Risk Assessment
TIARA

TIARA Assessment
Preliminary lightweight security posture assessment service, designed to help customers determine the current threat posture of their entire network in a short period of time.

TIARA Recommendations
Improvement plans and remediation assistance to take the overall security posture to the next level.

TIARA is a turnkey service
Including Sangfor HW and SW constructed to help customers quickly gain a broad-spectrum understanding of their current threat posture.

MDR
MDR is an ongoing service designed to conduct comprehensive threat analysis and asset identification. MDR services will boost the effectiveness and efficiency of daily security operations and controls, improve the overall organizational security posture and facilitate the maturation of security operations.

MDR Root-Cause Analysis
Sangfor security experts conduct root cause analysis and provide long-term suggestions for improvement.MDR Root-Cause Analysis: Sangfor security experts conduct root cause analysis and provide long-term suggestions for improvement.

MDR Recommendations
Take advantage of seasoned Sangfor security experts with ties to many different industries and a vast array of experience with the most varied security situations.
Scope of Incident Response Service



External Attack Surface Assessment
External Attack Surface Assessment



Indicator of Compromise (IOC) Determination
Indicator of Compromise (IOC) Determination



Malware In-depth
Malware In-depth



Malware Family and Type Identification
Malware Family and Type Identification



Malware Eradication
Malware Eradication



Initial Attack Vector Identification
Initial Attack Vector Identification



Remediation
Remediation



Kill Chain / Chain of Infection Determination
Kill Chain / Chain of Infection Determination
Incident Response Service Deliverable

External Firewall Ruleset and Configuration Review Report

Automatic Security Incident Report

External Attack Surface Assessment Report

Threat Analysis and Remediation Report

Security Strengthening and Reinforcement Proposal

Yearly Security Incident Report
TIARA Case Study
Customer Profile
In 2018 a mid-sized financial services company, serving the investment needs of large enterprises, SOEs, banks and insurance companies, discovered that two of its virtual servers were infected with two different types of ransomware. Sangfor deployed their Endpoint Secure and Cyber Command solutions.
Existing Security
- Protection Perimeter Gateways
- Endpoint Protection

Pitfalls of the Traditional Approach

Limited Detection
Traditional FW and AV are limited to known attacks

Narrow Space
FW blind to internal activities & AV limited to managed endpoints

Lack of Security Operations
Protection available without response capabilities

Wide Open
FW is designed to open doors to apps & partners.
- Incidents of Ransomware Detected
The customer’s IT department reported two incidents of ransomware, and unsure if they had more hidden threat lurking in the system, they called in TIARA.
- Incidents of Ransomware Detected
The customer’s IT department reported two incidents of ransomware, and unsure if they had more hidden threat lurking in the system, they called in TIARA.
- Incidents of Ransomware Detected
The customer’s IT department reported two incidents of ransomware, and unsure if they had more hidden threat lurking in the system, they called in TIARA.
Blog
See More