Active checks

Active checks monitor the activity of your cybersecurity tools like Webroot, Umbrella, Automox, Meraki or Proofpoint. ThreatAware active checks makes a careful analysis of that information and presents risks in a prioritised and actionable way.

Complete visibility

The best way to ensure cyber hygiene and manage cyber risk is to continuously monitor the performance of your cybersecurity tools, people and processes.

ThreatAware is designed to make it easy to monitor and manage cybersecurity, alerting you to threats, making it clear what actions are required and ensuring that these actions are effectively followed up to completion.

The ThreatAware dashboard gives instant visibility and makes it straightforward to drill down to specific issues and the status of corrective actions.  Uniquely, ThreatAware combines the monitoring of people, cybersecurity processes and cybersecurity monitoring tools, in one place, on one dashboard.

ThreatAware Alerts

ThreatAware interfaces to each of your security tools and pulls only the most relevant data directly from them. This data is then further analysed to assess the relevant risk of each cybersecurity event, based on the frequency and how critical it is. Issues which require action are then highlighted giving a clear view of the level of enterprise risk and where it originates Cybersecurity monitoring and SIEM in one dashboard.

threataware-dashboard-alerts
Example

Webroot detects an intrusion

  • Blocked infections won’t show an alert, but monitoring will continue
  • A computer with out of date antivirus will trigger an amber alert
  • If the machine is infected the alert will be red

Accountability

To ensure clear ownership of each event within the team, ThreatAware has a simple yet highly effective ownership function.
All cybersecurity events remain unassigned until an engineer takes ownership and it becomes their responsibility to resolve them.

threataware-dashboard-ownership

Alert ownership

A quick look at the dashboard will immediately highlight any events that have not been assigned because the risk icon will be pulsing. Once assigned the risk icon will stop pulsing but will remain red or amber until the issue has been resolved, maintaining visibility that there is a cybersecurity event being worked on.

True Status™

ThreatAware is the ultimate monitoring system because no one can override the alerts, not even with admin rights. The system will only allow you to take ownership of a problem and fix it.

Each time ThreatAware polls the relevant tool, it will verify if the issue has been resolved and only when the risk is verified to have been eliminated does the alert return to green. Demonstrable confirmation that the cybersecurity event has been managed is provided by the monitoring tools, not the engineer.

For example, a red alert identifies a machine has a virus. An engineer must then take ownership and disinfect that machine. Only after ThreatAware rescans and confirms the machine is clean, will the alert update to green. The engineer has no control over the alert status. We call this True Status™.

Systems Inventory

ThreatAware interfaces to each of your security tools and pulls only the most relevant data directly from them. This data is then further analysed to assess the relevant risk of each cybersecurity event, based on the frequency and how critical it is. Issues which require action are then highlighted.

threataware-dashboard-inventory

Real Time Alerts and Compliance

ThreatAware interfaces to each of your security tools and pulls only the most relevant data directly from them. This data is then further analysed to assess the relevant risk of each cybersecurity event, based on the frequency and how critical it is. Issues which require action are then highlighted.

  • Fail

  • Fix booked

  • Pass

threataware-dashboard-trends

Trends

ThreatAware allows you to understand what the normal monitoring activities and results are for each of your cybersecurity tools and can compare them with the current situation. This is vital when trying to understand if a series of events are usual business activity or an anomaly that should be investigated further.

Whilst the trend data from within the tools themselves is typically only held for 30 days, ThreatAware holds up to a years’ worth of data for analysis, providing unrivalled insight.

For example, looking at the trend data for Antivirus then observing the number of blocked infections over time could reveal an on-going attempted attack.

We are here to help

How it works

Find out exactly what's included in ThreatAware active checks, the implementation process and which best in class monitoring tools we work with.

FIND OUT MORE

Try ThreatAware

Find out how easy it is to monitor and manage your cybersecurity and compliance with our fully functional demo site.

Try it now

Select a plan

Choose between our Standard, Enhanced and Enterprise plans depending on the level of protection and customisation you require.

BUY NOW