Jeff Tutton, President
Threat attackers are constantly searching for opportunities to bypass an enterprise’s security safeguards. It is no longer a matter of if, but when. Needless to say, it is not recommended to simply patch the breach during or after a cyber-attack operation with new feature implementations, rather the goal is to deploy real-time incident response and digital forensics countermeasures to get operations back to normal.
“We emphasize identifying the root cause that facilitated an opening for a cyber-attack,” says Jeff Tutton, President of Intersec Worldwide.
Led by subject matter experts, Intersec Worldwide is a premier full-service cybersecurity company that provides detailed forensics reports and analysis to help organizations quickly respond and recover from cyber threats. Intersec Worldwide blends the same proactive services and technologies represented in their Managed Detection and Response (MDR) services. This enables their IR clients to easily transition into their MDR services platform.
Drawing on decades of industry expertise, Intersec Worldwide has identified several new challenges that can threaten an organization’s cybersecurity posture. Chief among them is the increased use of applications from third-party vendors/partners, which has widened the surface of attack. The reality is that hybrid work environments have forced businesses to broaden their “borders” of safety beyond that of physical walls.
“Our security approach blends MDR and DFIR practices which enable us to offer well-rounded security solutions for remediation, live cyber-attack detection and prevention, and advanced threat prevention,” explains Bill Corbitt , Vice President, DFIR Services at Intersec Worldwide.
Intersec Worldwide begins each compromise or ransomware event by deploying incident response tools which provide deep root analysis in identifying threat vectors and implementing active countermeasures. Intersec then leverages digital forensic capabilities to gather images, artifacts and memory captures to further understand the place of threat activity and its nature. Intersec Worldwide’s detection analysis entails evaluating and understanding the client’s existing controls and the Indicators of Compromise (IOCs).
Intersec also carries out threat hunting, threat detection, containment, eradication and remediation—within the security environment. Afterward, Intersec Worldwide’s DFIR and compliance team work together to understand and evaluate existing controls. Finally, Intersec will suggest solutions and tools which gives their clients better control over their enterprise security environment. In IR instances where clients use custom-coded solutions, Intersec Worldwide has the capability to help quickly analyze each line of code within the environment. When needed, Intersec can also assess clients’ GitHub repositories for signs of breaches and/or compromises, SQL injection, and cross-site scripting.
As an aspect of full analysis, Intersec Worldwide deploys its penetration team to test weaknesses in clients’ applications, firewalls, and networks, down to the Directory Service level. Later, Intersec Worldwide performs forensics and remediates the environment. To preempt future cyber-attacks, Intersec Worldwide can leave in place technologies used during the compromise event and easily “switch” their clients directly over onto their full MDR platform.
“For clients who completely outsource their security needs to us, we provide comprehensive MDR reports to the board of directors and stakeholders,” says Tutton.
Our security approach blends MDR and DFIR practices, enabling us to offer well-rounded security solutions for remediation, live cyberattack detection and prevention, and new threat prevention
Beyond offering cyber security solutions, Intersec Worldwide provides a Virtual CISO that can also operate as an interim CISO. They manage and monitor the organization’s security posture from the executive to technical level. Intersec Worldwide remains product agnostic, which enables them to offer best-fit solutions for clients. Intersec Worldwide continually is researching new and innovative solutions. When necessary while meeting a specific client’s need, they will work with the client to implement them where needed.
As a PCI Forensic Investigator (PFI) Intersec has a deep understanding in both DFIR and the payment card environments which allows them to identify and uproot idle or probable attack vectors.
Holding such an immense value proposition, Intersec Worldwide’s services have rescued many organizations from live cyber attacks, and the firm has re-architected clients’ entire security environments. Many of their clients have retained Intersec Worldwide as their trusted security partner even after mergers and acquisitions. In essence, the firm’s end-to-end services and forensics prowess critically outweigh the limited capability of traditional IR services.