Schools On Target has experience with school networks, systems, protocols and procedures. Our goal is to assess how today's cyber attacks can impact your organization and better defend your enterprise. We accomplish this several ways through blue team and simulated red team approaches.
A blue team is a group of individuals who perform an analysis of information systems to ensure security, identify security flaws, verify the effectiveness of each security measure, and to make certain all security measures will continue to be effective after implementation. A red team is a group that plays the role of an enemy, and provides security feedback from that perspective.
SERVICES INCLUDE:
Framework & 46 Point Requirements
We can assist you with meeting the State's 46 point matrix requirements.
Adversarial Simulation
Our Network Specialists conduct tests that evade detection and employ every legal and in-scope method available to access and asses your network while mimicking the threat that illegal actors use to target schools.
Cybersecurity Framework Review & Planning
This includes the State's 46 point matrix, policies and incident response.
Penetration Testing
We analyze your security posture and determine how exposed your systems, services and data are to malicious actors from external, internal and web applications.
Vulnerability Assessment & Management
Our team will identify, classify, prioritize, assist in remediation, and mitigate software vulnerabilities.
Comprehensive Report
Upon completion of blue and red team testing we will provide you with a report which will detail findings and provide suggestions for improvement. We can provide a proposal to add any features if your district dos not have the capabilities for IT related upgrades internally.
Recovery, Remediation, Mitigation
In the event of an attack our team can assist you with recovery in the event of a cyber attack in order to get your network and services operational.
We suggest this service to be conducted at least once per semester, four times per year is highly recommended.
CYBERSECURITY
SIEM (Security Information & Event Management)
SIEM (Security Information & Event Management) system allows for centralized log management of all critical infrastructure and data retention of those logs can be stored for up to 1 year. It allows IT security teams and managers the ability to see what is going on without having to look in several areas for the needed information. It can help monitor your Google or Microsoft 365 environments for abnormal activity.
It can also integrate with new or existing EDR (Endpoint Detection & Response) systems along with some Antivirus/Antimalware systems. Firewall logs can be imported to help identify a cyber-attack in real time and automated responses help mitigate actions to prevent mass disruption of services. Honey pots are virtual systems that can be implemented so attackers target them and leave production infrastructure alone.
Below is pricing and features of our SIEM
• Coverage For All On-Premises and Cloud Integrations
• Unlimited Data Ingestion*
• 1 Year Data Retention
• Detections & Response
• Advanced Reporting
• Security Dashboards
• Automated Response (Dynamic Blocklists)
• Detection Rule Management
• Detection Filters
• Honeypots
$14.00 per month, per e-mail.