Gruppo TIM
Gruppo TIM

Cyber

Telsy places itself as a Competence Center in the cybersecurity and cyber resilience of the TIM Group for government and civil market. Always at the forefront against cybercrime, Telsy offers its know-how to assess corporate security levels and face the most complex threats, guaranteeing maximum quality and efficiency in every situation. Telsy offers advanced, integrated, scalable, and customizable cybersecurity-as-a-service solutions, based on proprietary cyber platforms and high-competences experts to build and enhance a defense strategy tailored to the customer’s need.

Monitoring, Detection & Response

Thanks to technologies, infrastructures, and the dedication of its experts, Telsy provides customized solutions that allow the user to manage their security perimeter independently and on-premise.

A pillar of Telsy’s capabilities is OMNIA, an integrated cybersecurity platform that leverages the combination of its three components to provide highly specialized functionality. The first component is MIRO, a SIEM solution able to monitor customer infrastructures thanks to Artificial Intelligence. ODINO is the Threat Intelligence Platform that collects cybersecurity feeds from various open and closed sources, merging them with analyzes carried out internally by Telsy. The integration between ODINO and MIRO continuously updates the latter on the latest threats in order to improve and speed up analysis and correlation. The last component is OLIMPO, a Decision Intelligence platform that uses the most sophisticated AI algorithms to collect and analyze unstructured data (such as, for example, those coming from social platforms or the Dark Web) and correlate them with the information present on the knowledge base in order to enrich and improve it, at the same time providing support to operators to facilitate them in investigations and in making important decisions.

iSOC - Monitoring & Response

Security monitoring implies the collection and analysis of information, to detect suspicious behaviors and unauthorized system modifications on a network, defining alert/warning targets and countermeasure procedures based on the needs identified.

  • Security Monitoring: The service allows monitoring of potentially harmful events on the whole ICT infrastructure, optimizing the collection, analysis, alert & report of critical events, minimizing risks, building a log management, and raising the security level. The service is remotely operated by Telsy SOC personnel and is managed through our OMNIA proprietary solution.
  • Cyber Incident Response: The service is provided by SOC through a consultancy activity and it provides operational and forensic support to companies that have suffered cyber incidents, suggesting indications and steps to take in order to re-establish Business Continuity.

Cyber Threat Intelligence

Cyber Threat Intelligence represents the intelligence capacity developed in the cybersecurity field. Include the collection and analysis of information in order to characterize possible cyber threats from a technical, resource/motivation, and purpose point of view, often concerning specific operational contexts.

  • Company Threat Intelligence: The service allows to identify vulnerabilities and criticalities relating to the domain, its subdomains, IP addresses, and e-mails from public sources (OSINT) or Dark / Deep Web (CLOSINT). Thanks to the daily monitoring it is possible to identify the permutations related to Domain Squatting, Typosquatting, or IDN homograph techniques. The output of the service is a report, prepared by Telsy’s Cyber ​​Specialists, which provides an overall view of the critical issues and the relative exposure to Data Breach risk.
  • Early Warning: The service supports the organization in promptly reducing the exposure to cyber-risk, by providing real-time and complete information about software and hardware vulnerabilities identified in the customer’s ICT architecture. The analysis of public sources (OSINT) allows to send notifications or weekly reports typically before vendors to mitigate cyber risk and reduce detection times.
  • Threat Intelligence Feed: It consists of a specific activity of validation, comprehension, and reaction to the events happening in a given environment before they become serious incidents to identify, collect proof, and support incident responders about a specific attack campaign.
  • Threat Investigation: The service consists of a specialized activity aimed at identifying and collecting evidence traceable to a specific attack campaign. The goal is to validate, understand and react to events, so as to prevent them or mitigate their impact. The service runs through ODINO, a component of the OMNIA integrated cybersecurity platform, the Telsy technology composed of independent and interoperable elements to guarantee 360 ​​° protection and security.

Decision Intelligence

The Decision Intelligence service is offered through a modular platform based on innovative technologies of Machine Learning and Natural Language Processing, that allows to integrate and process real-time data inside and outside the organization to provide decision-makers with the key elements to make time-sensitive decisions and at the same time automate often time-consuming analytical processes.

  • Decision Intelligence Platform: This is the Decision Intelligence solution that is based on Machine Learning and Natural Language Processing technologies, allowing to integrate and process real-time data internal and external to the organization to provide stakeholders with the key elements to make time-sensitive decisions and at the same time automate time-consuming analytical processes. The platform can be implemented on 3 verticals: Contextualized Threat Intelligence, to support threat intelligence analysts in the decision-making phases regarding the security of the organization; Multi-domain Situational Awareness to allow in-depth analysis of large amounts of data from OSINT, CLOSINT and SOCMINT, deep and dark web sources, and through link analysis to allow multi-domain and multi-dimensional searches to be conducted; the Digital Bodyguard to allow VIP Protection, evaluating the risk profiles from a cyber, physical and reputational point of view. The service is operated through OLIMPO, a component of the OMNIA integrated cybersecurity platform, the Telsy technology composed of independent and interoperable elements to guarantee 360 ° protection and security.

Prevention

The best way to prevent an attack is to test own infrastructures to better comprehend their vulnerabilities and put in place appropriate crisis response initiatives. Telsy puts its technologies and experts at the service of quality and efficiency, averting crises in the bud and providing high-level consulting and support for the user’s security strategies.

Cyber Risk Analysis / Cyber Risk Monitoring

These are solutions that assess the comprehensive risk level and security posture concerning predefined benchmark targets.

  • Cyber risk management: Telsy’s ICT Risk Management activity helps the customer to become aware of their needs and to define an efficient strategic plan of investments in cybersecurity to reduce costs, mitigate risk, reduce any losses, keeping updated on new threats.

Vulnerability Management

In order to strengthen the cyber security infrastructure, Telsy performs both Vulnerability Assessment activities, through the use of automatic tools, and Penetration Test activities to identify weaknesses and draw a correct preventive strategy.

  • Vulnerability Assessment (VA): Process that aims to identify potential security vulnerabilities through the use of automatic tools on infrastructures (OS, network devices) and on web applications. Through the scan results it is possible to have an indicator in a short time on some security aspects of the analyzed assets such as patching, hardening, and encryption of flows.
  • Penetration Test (PT): Penetration Tests (PT) concern those solutions aimed at identifying real impacts through the search for vulnerabilities and their exploitation with manual assessment techniques. The types of PT available are infrastructural, application, wifi infrastructural, and SCADA.

Security Awareness

In the cybersecurity domain, people’s behaviors make the difference even more than technologies: security awareness, i.e. the capacity to remain vigilant, act and react in front of potential risks and cyber threats, has become an essential capability both in work and private environments.

  • Security Awareness: It is a training program to make the organization staff concerned about the main issues of cyber security, in order to increase users’ awareness of cyber threats and reduce the overall surface area of the organization exposed to cyber-attacks. The main purpose is to reduce the propensity to fall victim to phishing attacks on average from 40% to 50% over the course of a year.

Protection

The protection from threats that are external to infrastructures includes the use of adequate software, protocols, and actions capable of recognizing and blocking specific cyberattacks. Thanks to up-to-date software and certified proprietary technologies, Telsy protects the devices and networks of government and corporate customers based on their specific needs.

Network Security

Network security concern measures taken to protect a communications pathway from unauthorized access to, and accidental or willful interference of, regular operations.

  • Area Protection: Area Protection is a highly flexible and modular logical security perimeter service, managed through a centralized platform. The offer includes various features, including firewalling, VPN, web content filtering, anti-virus, anti-spamming, anti-bot, and intrusion detection system.
  • Secure Gateway: The solution is designed for multi-site customers who have secure internet access or who need to reduce the management complexity of logical security policies. The security management is centralized on Hyperway networks with internet access through Internet Gate (firewalling, Web Filtering, and Antivirus Gateway). Initial configurations are determined by the customer at the initial activation stage.
  • My Security Area: It is an offer managed by the specialized staff of the Telsy SOC, which offers perimeter security managed that allows the customer to make the most from the IP connectivity services, protecting your location from potential attacks from outside and simultaneously building secure VPNs.

Endpoint Protection

Solutions deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.

  • Telsy Titanium: Telsy Titanium is an integrated endpoint protection solution, designed and developed in Italy by Italian experts and technologies, with anti-virus, anti-spyware, anti-malware, anti-ransomware crypto-malware protection features, which aims to identify, isolate, and remove viruses and malware, protecting servers and working stations.
  • EDR: Endpoint Detection and Response (EDR) is a workplace (endpoint) security solution that combines continuous real-time monitoring and data collection with automated rule-based analysis and response capabilities.

Application & Cloud Security

Applications and cloud technologies for security without compromise or borders.

  • DDoS Protection: DDoS Protection is the security solution managed by specialized personnel from the Security Operation Center (SOC), active 24/7, that protects the company’s business from Distributed Denial of Services (DDoS) cyberattacks, safeguarding the availability of online services.
  • Web Application Firewall: Host Protection is the cloud-managed web application security service designed for businesses that need to protect their web apps from attacks or need to monitor sensitive business data and comply with regulations.
  • DNS Security: The service reduces risks associated with internet browsing, through anti-phishing and malware containment capabilities. It allows the activation of DNS content filtering activities to block access to certain categories of sites according to customer needs. The service is also available in a dedicated version to multi-site customers with more than 25 users, so as to allow autonomous management of their surveys.
  • E-mail Protection: Solution that protects employees from malware threats (malicious attachments or links), credential phishing email fraud, and attacks via social channels. It is a solution that scans and/or blocks incoming emails to the SMTP gateway for viruses, spam, and malicious codes.

OT Security

Safety component linked to customers and organizations that make extensive use of smart systems, robotization and processes, and production automation.

  • Dark Trace & Nozomi: Telsy offers solutions for monitoring and identifying anomalies of industrial systems and IoT devices, using Artificial Intelligence platforms.

Products

Products and solutions monitored and distributed by Telsy.

  • Google Chronicle: It is an integrated global telemetry and security platform; scalable and managed on Google Cloud to integrate and analyze heterogeneous sources of telemetry data to identify security threats. Chronicle provides a graphical interface for investigating and identifying threats. The platform integrates with various log sources and telemetry, both on cloud and on-premise, and offers a SaaS interface for the analysis and visualization of detected threats.
  • Virus Total: Virus Total is an ecosystem that, unlike other services, operates a public and free website to which any user can send and share hypothetical threats (URL files, domains, IP addresses) to have them scanned and classified. It processes, understands, and correlates files, URLs, IP domains, etc. with the internal database. Virus Total can be integrated with any existing and existing infrastructure.

Cyber Offensive

The Offensive Cyber Capabilities (OCC) are the combination of people, technologies, and organizational features, that jointly enable offensive cyber operations, i.e. the inconsistent manipulation of cyber services and networks. Through tools, artifacts, personnel, and intelligence capacity, in line with the international security directives, Telsy focuses its OCC on the relative (de-)escalation potential, in terms of diplomatic tension, instability, or balance of power.

For further information: solutions@telsy.it