Haven

Military-Grade Cybersecurity as a Service

How Haven Protects: A Visual Overview

Haven is a defense-in-depth solution built with the highest grade, leading-edge technology. But no matter how secure and advanced preventative tools are, the ever advancing complexity and novelty of attack techniques requires human intervention.

Haven continuously feeds data from the preventative tools into our security information and event management system, which uses a configuration structure designed and optimized by our security engineering team and alert the cyber operators and analysts of potential threats in real-time.

Want to win the battle against ransomware and malicious attacks on your network?

It takes much more than hardware and software. The best-in-breed technologies can only achieve the mission when deeply integrated and leveraged by highly-trained people working within adaptive, self-reinforcing processes. Military-grade cybersecurity requires exceptional communication, a wide view of the battlefield, intelligence-driven decision making, and rapid response.

Enlist Haven to protect your network so your organization can get back to job #1 – satisfying your customers.

Endpoints Armed

In the event a threat or malware goes undetected by the network and/or email security solutions, it is likely it will attempt to access an endpoint in your organization, which is protected by our Endpoint Security, a next-generation anti-virus solution that utilizes machine learning to identify and block malware, such as ransomware, malicious scripts, and other advanced threats.

Leveraging machine learning algorithms allows the tool to identify threats before being seen in the wild, which are often referred to as “zero-day” threats. 

  • Secure workstations and servers

  • +99% malware prevention utilizing artificial intelligence and machine learning (non-signature-based)

  • Prevent fileless in-memory attacks

  • Windows, MacOS, and Linux* support

  • Lightweight agent minimizing system impact

*For supported Linux distributions

Malicious Emails Blocked

Employees are often the first line of defense against attacks. Our email security controls are designed to protect end users from receiving emails and attachments that may contain advanced threats and attacks.

  • Tailored policy driven email solution for your environment

  • Enhanced security with spam and phishing detection

  • Analysis of URLs and attachments for vulnerabilities or threats

  • Ability to easily send encrypted emails containing sensitive information

  • Impersonation protection

  • Sandboxing and multilayer detection

Network Defended

A next-generation firewall with advanced network security capabilities and cloud sandbox analysis for potentially malicious files are detected traversing your network. 

The firewall examines all traffic coming in and out of the network according to a set of policies to allow or deny specific types of traffic (for example, blocking web traffic categorized as gambling). 

In addition to examining and filtering web traffic, the firewall can examine and manage computer applications and devices connected to the network. Web traffic analysis happens behind the scenes. Typically, the only time a user will be made aware of the firewall is if an attempt is made to access a blocked website, in which case an error page will be displayed. 

  • Network perimeter connectivity

  • Internal network connectivity*

  • Application identification and control

  • User account identification and control*

  • Threat prevention and detection (IPS/IDS)

  • Network based URL/web filtering

  • Sandbox forensics for unknown threats

  • Actionable threat intelligence

  • SSL decryption*

  • VPN for remote and point to point access*

  • Cloud Based DNS Security*

  • Network-based vulnerability scanning (on-premise appliances only)

*Available with compatible configurations.

Vulnerability Identified

Haven runs routine network vulnerability scans across the organization’s network. Network vulnerability scanning is used to proactively identify missing patches, out of date software and misconfigured services that could be exploited by an attacker.

Threats Investigated and Eradicated

Timing is crucial when a potential threat is detected. Our Corvid Security Operations Center teams are always watching the wall–monitoring, detecting, and responding to potential threats 24/7, 365 days a year.

Data logs from the network security firewall, endpoint protection and email security tools flow into Corvid’s Managed Security Information and Event Monitoring (SIEM) system for continuous monitoring of security events.

4 teams working to stop threats before they can cause damage to your organization:

  • Investigation & Forensics: Front line defenders who triage and respond to threat alerts.

  • Threat Intelligence: Tracks adversary activity and provides guidance to the detection engineering team.

  • Detection Engineering: Performs threat hunts and creates new detection logic that makes Haven smarter.

  • Security Automation & Countermeasures: Stay on the offensive to ensure Haven keeps your environment secure.

  • 24 x 7 x 365 monitoring of security events

  • Security log retention for 90 days

  • White-glove engineering and security analysis support

  • Threat analysis and investigation

  • Proactive threat hunting

  • Notification and remediation of new security events and incidents

Employees Trained

Human Error is the leading cause of expensive security breaches. Through situational learning, and simulations, Haven strengthens the cyber awareness of employees and helps companies lower cyber risk.

Interactive security awareness videos

Employees receive an email with a link to access training videos that were created to be short, entertaining, and educational. Episodes are 3-4 minutes in length and they teach a lesson on one specific security threat using a real-life security breach as the story line. Every month, users will receive an email to let them know that a new video episode is available.

Simulated phishing campaigns

Because so many data breaches originate from a phishing email, Corvid sends occasional simulated spoofed (fake) emails designed to test employee awareness of a true phishing email. These spoofed emails will not reveal any sensitive information, but will provide an idea of where improvements in employee training are needed. When a user clicks within a simulated phishing email, that person will be automatically prompted to watch a video on the subject of identifying a phishing email.  

By-user participation and phishing and training results are provided in real-time.

Improved Compliance

Haven provides services to help your organization meet many cybersecurity compliance requirements including NIST SP 800-171CMMCPCIFINRAHIPAA, and ABA FO 483.

Continuously Upgraded

As new technology emerges, we upgrade Haven so you always have leading-edge protection. This means no more costly upgrades and out of date technology.

haven-cybersecurity

Cybersecurity as a Service

Find out how Haven can protect your organization and help you improve compliance.