Whitepaper: StopPoint empowers our expert cyber security team

1. Introduction

At Invinsec we are continually taking the fight to cyber criminals. StopPoint aims to empower our security operations staff with the right tool to effectively stop threats in their tracks, giving customers peace of mind while buying precious time to investigate and remove threats before allowing the endpoint back on the network.

StopPoint is designed to quickly and effectively terminate any network interface controllers (NIC’s) on an endpoint monitored by BroadBot, putting a stop to any potential data exfiltration, lateral movement or Remote Access Toolkits (RATs). As well the ability to lock down endpoints, StopPoint also provides a 2-way challenge-response method of unlocking a workstation. You provide us with a 4-digit code, we verify it and provide you one back to unlock the endpoint – simple.

StopPoint will be bundled with the existing BroadBot agent and won’t require an additional application install, only an update to existing pre-StopPoint agents – saving time, removing the need to add another application to the environment and staying true to our ethos of making security monitoring deployment as rapid and simple as possible without compromising on functionality.

2. Key features & benefits

  • Designed to give in-house security teams time to investigate and remediate endpoints without lateral movement from threats or data exfiltration
  • Ability to securely and remotely lockdown and unlock all NICs on the target device through SSL communication
  • Discreet process built into the existing BroadBot agent. No need to install additional applications
  • Fully monitored and controlled remotely from our 24x7x365 SOC
  • Process driven – we won’t lock down systems without authority from you
  • Challenge-response process of unlocking means we ensure that network communications aren’t re-established until the you’re happy

2.1 Process

diagram

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s