We are focused on delivering value as a Managed Service Provider (MSP) (cybersecurity, data protection and backups, business continuity, etc.) so that our clients can focus their energy and resources on their activity, on what really matters: their business, not worrying about secondary or non-essential activities and guaranteeing the quality of service by signing Service Level Agreement contracts (SLA).
Ednon’s ambition is to be your trusted technology partner, so our goal is to provide you tranquility by delivering value through our services, resulting in better operations and lower costs.
Threat Detection Engineering (TDE) is another fundamental capability of our SOC significantly strengthening the ability to detect and respond to security threats.
Threat Detection Engineering (TDE) is an engineering process that allows to deploy signals, alerts or automatisms in order to improve detection capabilities. The aim of this process is to cover all the cases that the tools do not cover by default, taking advantage of other parts of the telemetry so as to increase the number of detections, this will improve visibility and, therefore, will reduce the “dwell time” significantly after each new detection.
ENOC-CSRIT relies on different tools to collect intelligence from open sources in order to improve the knowledge base of reactive security tools.
MISP is a nuclear element of ENOC-CSIRT as it is connected in a bidirectional way with other MISP instances of other CSIRTs, as well as the National Network of SOCs (RNS) and CSIRT.es, sharing threat intelligence with the entire network of CSIRTs. This allows us to collect, for example, Indicators of Commitment (IOCs), shared in real time by the network of defenders, and apply it to the technological tool stack of the SOC, and if applicable, to the software/security equipment of our customers.
REYES (valid only for Spanish public sector organizations): this is a solution developed by the CCN-CERT to streamline the work of analysis of cyberincidents and share information on cyberthreats. It’s a cyberintelligence exchange tool.
Through this centralized information portal any investigation can be carried out quickly and easily, accessing from a single platform the most valuable information about cyberincidents. Information contextualized and correlated with the main sources of information, both public and private.
The information core of REYES is based on MISP (Malware Information Sharing Platform) technology, which is enriched with external sources of information that allow faster prevention and response to incidents.
Our analysts are present in all phases of the life cycle of an incident, from the preparation with periodic reports, new detections own after campaigns of TH (Threat Hunting) and TDE (Threat Detection Engineering), their subsequent identification and once they identify a threat as relevant to the containment, eradication and recovery phases.
When dealing with a security incident, analysts are activated to actively collaborate with our customers to collect the necessary information through “Live incident response” processes. The acquired evidence will allow an in-depth investigation in order to identify entry vector, artifacts and indicators in order to contain the threat, eradicate the threat actor from the client’s infrastructure and allow the prompt recovery of affected assets.
Cyber surveillance allows us to anticipate new threat models that are prepared outside the perimeter of the organization’s network, to know and reduce exposure to potential attackers, as well as monitoring such threats and associated risks in order to be able to act in a timely manner, leading to sound decisions.
EDNON’s cyber surveillance service is dedicated to observing external networks (Internet, Deepweb, Darknet, etc.) to find these risk signals through:
For this purpose, we have our own tool called Silvia
Our goal is to handle critical cybersecurity incidents, resolve immediate problems, and put solutions in place to address the systemic causes of the incident. A security commitment doesn’t have to mean the same as a disaster. Threats outlook is full of highly qualified, well-funded and motivated adversaries whose sole job is to overcome your security measures, and thus, steal, deliver malware, and generally disrupt your business. When our clients are endangered, we respond quickly to understand the significance and the impact of the incident, and to be sure that it has been contained and eradicated.
The Scans service provides our customers with a continuous review of their assets that allows them to minimize the lifetime of known vulnerabilities in their systems. We generate actionable technical reports with concise and updated solution proposals. The analysis of vulnerability reports carried out by our technicians will provide the information that allows us to make proposals for improvement, not only to correct vulnerabilities in a timely manner, but to implement configurations that allow to solve them, manage them (possible mitigations), or even avoid them centrally.
Executive deliverables will also be generated with indicators of service maturity and evolution, among others.
This will allow the associated security risk to be managed.
Vulnerability analysis is an integral component of any cybersecurity program, and a vulnerability analysis and management system or service is cited in security certifications (ISO 27001, ENS)by regulatory bodies and a multitude of relevant bodies in the sector (Incibe, CISA, CIS, etc.) as an essential good practice since it is a common entry vector in security incidents.
EDNON Managed Backup services allow organizations to stop worrying about a routine activity, but of fundamental importance for the organization, since it is the guarantor of the continuity of the activity after an incident with data loss or data hijacking, or a disaster.
EDNON provides both the infrastructure necessary to carry out encrypted backups (remote and / or local), as well as the managed and secure services of monitoring, operation and administration of the backup, be they first copies, replicas, second copies, etc.. All with the best security guarantees in local data centers.
We provide outsourcing services, through specialized and flexible teams that vary depending on the needs of the service of each client.
We carry out the management of IT services based on good practices of ITIL and international standards UNE-ISO / IEC 20000-1: 2018. We are certified and we are audited annually.
We are committed to an efficient delivery of services, guaranteeing both quality and compliance with Service Level Agreements (SLAs) signed.
The main IT outsourcing services we provide -both for public entities and companies- are:
