
Stealth-ISS Group ® Inc.

MANAGED DETECTION & RESPONSE


THE PROBLEM

• Do you know what systems are currently compromised?


• What about the attack tactics and techniques that are taking place?

• Do you know where the attacks originate from?


Businesses like yours need detection and response services, but may
lack the skills or resources to combat today's advanced threats.

Despite the investment of anti-virus and firewall prevention
solutions, adversaries continuously demonstrate that yesterday's
security stack is no match for today's attack tactics and
techniques.

THE SOLUTION

Stealth Group’s Managed Detection & Response Service combats the daunting volume of cyber-attacks, helping
you avoid becoming the next victim.

We deliver 24/7 protection and visibility across 3 attack pillars.


www.stealth-iss.com

Endpoint
Windows & macOS event log monitoring, breach
detection, malicious files and processes, threat
hunting, intrusion detection, and more.

Network
Firewall and edge device log monitoring integrated
with threat reputation, whois, and DNS information.

Cloud
Office 365 security event log monitoring, Azure AD
monitoring, Office 365 malicious logins, Secure
Score.

CYBER DEFENSES

WE DETECT MALICIOUS & SUSPICIOUS ACTIVITY EVADING CYBER DEFENSES

Files / Executables
Worms, trojans, rooted files, macros

Scripts / Tools
PowerShell, root kits, WMI, hacker utilities

Cryptomining
Miner clients, browser cryptojacking

Connections
Unauthorized foreign connections, backdoors, services

Events
Cleared security logs, failed logins, escalated privileges

TTPs
Attacker tactics, techniques & procedures

A SOLUTION FOR MANY CYBERSECURITY USE CASES

Stealth Group monitors your environment 24/7, triaging alerts, tracing threats, correlating data, and facilitating
remediation to help your business manage security risk and minimize financial losses.

• Terrorist Network Connection Detection



• Advanced Breach Detection (TTPs)

• Suspicious Event Log Monitoring

• On-demand Threat Hunting

• Suspicious Network Services

• Suspicious Tool Detection

• Crypto-mining Detection

• Threat Intelligence Feeds

• On-demand Malware Analyzer

• System Process Verifier

• Malicious File Detection


SERVICE OFFERINGS

Compromise Assessments
Despite the investment of firewall and anti-virus solutions, adversaries continue
infiltrating small business defenses. The compromise assessment identifies if
the customer is breached and how it happened.

Managed EDR
Managed endpoint detection and response (EDR) delivers continuous
monitoring, anomaly detection, and forensic details supporting incident
responders.

This spans the auditing of the file system, registry, and monitoring of processes.

Managed Threat Hunting
The Stealth Group security team augments your staff by actively seeking
malicious actors and activities and prohibiting attackers from reaching their
tactical objective. Proactive hunting and investigations find what you don’t know
– the unknown compromise.

KEY BENEFITS

• Low-cost security monitoring service

• Remediation guidance to resolve threats

• Monitors internal and external activity

• Minimal in-house security skills needed

KEY FEATURES

SIEMless Log Monitoring
We monitor, search, alert and report on the 3 attack pillars: network, cloud,
and endpoint log data spanning:
• Windows & macOS security events
• Firewall & network device events
• Office 365 & Azure AD cloud events

Threat Intelligence & Hunting
Real-time threat intelligence monitoring, connecting to premium intel feeds.
Our Analysts utilize intel telemetry to hunt bad actors.

Breach Detection
We detect adversaries that evade traditional cyber defenses, such as
Firewalls and AV. We identify attacker TTPs and align with MITRE ATT&CK,
producing a forensic timeline of chronological events to deter the intruder
before a breach occurs.

Intrusion Monitoring
We provide real-time monitoring of malicious and suspicious activity,
identifying indicators such as:
• Connections to terrorist nations
• Unauthorized TCP/UDP services
• Backdoor connections to C2 servers

NextGen Malware
We use malware prevention or leverage a command and control app for
Microsoft Defender backed up with a secondary line of defense using our
malicious detection of files, tools, processes, and more.

PSA Ticketing
Our analysts investigate each alert, triaging the data and producing a
ticket to your PSA system accompanied with the remedy details so you can
focus on your operations without hiring security engineers.

OUR MANY SOLUTIONS

Office 365 Log Monitor
Multi-tenant event log monitor for all accounts linked to Microsoft Office 365
providing visibility into users, groups, Azure Active Directory, activity and more.

Office 365 Login Analyzer
We detect successful and unsuccessful logins outside the expected countries,
known malicious IP addresses and adversaries, exposing unauthorized
authentication activity.

Office 365 Secure Score
Overall description of cloud security posture with itemized remediation plans
across all Office 365 tenants.

Defender Manager
We provide a full multi-tenant command and control of Microsoft Defender. We
have the power to utilize the advanced capabilities, including Attack Surface
Reduction, Advanced Ransomware protection, and more.

Cyber Terrorist Network Connection
We can detect network connections to nation-states that are known to engage in
cyberterrorist activities targeting small businesses.

Advanced Breach Protection (TTPS)
We continuously monitor for attacker Tactics, Techniques, & Procedures that
circumvent security prevention defenses such as Anti-virus and Firewalls.

Threat Hunting
We provide you with the investigative capabilities to find malicious activity
through 17 categories of analysis, e.g. processes, hashes, URLs, and IOCs.

Suspicious Network Services
We monitor well-known services that are commonly leveraged for malicious intent
and detect unnecessary services mitigating a potential backdoor.

Suspicious Tools
We detect suspicious tools that should not be present on SMB networks, such as
hacking utilities, password crackers, and other tools for malicious intent.

Cryptocurrency Mining Detection
We monitor for Cryptojacking, the unauthorized use of a computer to mine
cryptocurrency. Detects for endpoint presence and in-browser javascript miners.

Firewall Log Analyzer
We provide multi-tenant firewall log monitoring acting as a syslog collector.
Messages are parsed, analyzed and enriched with threat intel for potential
threat indicators. When a threat or security event is detected, message details
show up in the console.

On-Demand Malware Analyzer
We analyze files for viruses, trojans, and malicious content and respond with a
verdict of malicious or benign.

System Process Verifier
We analyze system processes for known suspicious or malicious behaviors based
on various factors, including disk image location, timestamp fingerprinting, and
Levenshtein distance calculations.

Malicious File Detection
We monitor and detect malicious files that are written to disk or executed. This
app is used as a backup for detecting malicious files that slip past your primary
Anti-virus solution.

Suspicious Event Log Monitor
Our Microsoft Windows & macOS event log monitoring detects and alerts security
related activities, such as failed logins, clearing security logs, unauthorized
activity, etc.

Threat Intelligence Feeds
We deliver threat feeds, delivering actionable information on attackers.

Webroot Monitor
We report on Webroot threat detections.

SentinelOne Monitor
We report on SentinelOne threat detections.

SOFTWARE-AS-A-SERVICE

Cloud Agents Provide Continuous Monitoring


On servers, desktops, and laptops on the network, on the go or in the cloud, our Cloud Platform agents are always on, giving you
continuous visibility of all your Windows assets. The cloud agents are remotely deployable with your favorite RMM, centrally
managed and self-updating.

Cloud Console
Where multi-tenant administration of provisioning, reporting, and
configuration of security apps occurs.

Cloud Agent
The lightweight agent that enables 24/7 monitoring and connects to
security apps.

API
Push/pull data from third party integrations, such as threat intelligence
feeds and PSA systems.

Security Apps
Purpose built endpoint detection and response apps for Windows systems.

SERVICE DELIVERY

• Month to month, 1 year, 2 years or 3 years

• Service Tiers: 1-5

• All tiers include installation, setup, configuration, fine tuning, alerting,
breach reports, proactive threat hunting, advanced breach detection (TTPs),
and opensource and commercial threat intelligence feeds

ABOUT US

Stealth-ISS Group® Inc. (est. 2002) acts as your extended IT, cyber security, risk and
compliance team and provides strategic guidance, engineering and audit services, along with
technical remediation and security operations. We pride ourselves on the quality and
professionalism of our workforce, collaborative relationships with our clients, and our ability to
bring you innovative, customized but affordable vendor agnostic solutions based on your
immediate needs while aligning with your business strategy and operations. We add massive
value and save you money on staffing a permanent security organization.

We are passionate about protecting companies and agencies from all facets of cyber-crime,
protecting your people and company data, reducing your information and financial losses, and
protecting your reputation.

Stealth Group consistently delivers trusted, world-class cyber security and IT solutions. By
delivering tailored solutions, and highly qualified cyber experts, Stealth Group has earned its
spot on the Inc. 500 list, a list of America’s top entrepreneurs. We speak the truth in security and
go to great lengths to build trust with our customers by professional and high-quality service
delivery, and by offering effective, uncomplicated, and economical solutions.

STEALTH GROUP CAPABILITIES
STEALTH GROUP DIMENSIONS OF CYBER
THANK YOU

HQ – ARLINGTON, VIRGINIA
4601 North Fairfax Drive, Suite 1200
Arlington, VA 22203

OFFICE LOCATIONS
Huntsville, Alabama
Las Vegas, Nevada
London, England
Dubai, United Arab Emirates
Bratislava, Slovakia

Stealth-ISS Group® Inc. | www.stealth-iss.com | bizdev@stealth-iss.com
