Cyber

Telsy places itself as a Competence Center in the cybersecurity and cyber resilience of the TIM Group for government and civil market. Always at the forefront against cybercrime, Telsy offers its know-how to assess corporate security levels and face the most complex threats, guaranteeing maximum quality and efficiency in every situation. Telsy offers advanced, integrated, scalable, and customizable cybersecurity-as-a-service solutions, based on proprietary cyber platforms and high-competences experts to build and enhance a defense strategy tailored to the customer’s need.

Prevention

The best way to prevent an attack is to test own infrastructures to better comprehend their vulnerabilities and put in place appropriate crisis response initiatives. Telsy puts its technologies and experts at the service of quality and efficiency, averting crises in the bud and providing high-level consulting and support for the user’s security strategies.

Cyber risk management

These are solutions that assess the comprehensive risk level and security posture concerning predefined benchmark targets.

  • Cyber Risk Analysis / Cyber Risk Monitoring: Telsy’s ICT Risk Management activity helps the customer to become aware of their needs and to define an efficient strategic plan of investments in cybersecurity to reduce costs, mitigate risk, reduce any losses, keeping updated on new threats.

Vulnerability Management

In order to strengthen the cyber security infrastructure, Telsy performs both Vulnerability Assessment activities, through the use of automatic tools, and Penetration Test activities to identify weaknesses and draw a correct preventive strategy.

  • Vulnerability Assessment (VA): Process that aims to identify potential security vulnerabilities through the use of automatic tools on infrastructures (OS, network devices) and on web applications. Through the scan results it is possible to have an indicator in a short time on some security aspects of the analyzed assets such as patching, hardening, and encryption of flows.
  • Penetration Test (PT): Penetration Tests (PT) concern those solutions aimed at identifying real impacts through the search for vulnerabilities and their exploitation with manual assessment techniques. The types of PT available are infrastructural, application, wifi infrastructural, and SCADA.

Security Awareness

In the cybersecurity domain, people’s behaviors make the difference even more than technologies: security awareness, i.e. the capacity to remain vigilant, act and react in front of potential risks and cyber threats, has become an essential capability both in work and private environments.

  • Security Awareness: It is a training program to make the organization staff concerned about the main issues of cyber security, in order to increase users’ awareness of cyber threats and reduce the overall surface area of the organization exposed to cyber-attacks. The main purpose is to reduce the propensity to fall victim to phishing attacks on average from 40% to 50% over the course of a year.

Protection

The protection from threats that are external to infrastructures includes the use of adequate software, protocols, and actions capable of recognizing and blocking specific cyberattacks. Thanks to up-to-date software and certified proprietary technologies, Telsy protects the devices and networks of government and corporate customers based on their specific needs.

Network Security

Network security concern measures taken to protect a communications pathway from unauthorized access to, and accidental or willful interference of, regular operations.

  • Area Protection: Area Protection is a highly flexible and modular logical security perimeter service, managed through a centralized platform. The offer includes various features, including firewalling, VPN, web content filtering, anti-virus, anti-spamming, anti-bot, and intrusion detection system.
  • Secure Gateway: The solution is designed for multi-site customers who have secure internet access or who need to reduce the management complexity of logical security policies. The security management is centralized on Hyperway networks with internet access through Internet Gate (firewalling, Web Filtering, and Antivirus Gateway). Initial configurations are determined by the customer at the initial activation stage.
  • My Security Area: It is an offer managed by the specialized staff of the Telsy SOC, which offers perimeter security managed that allows the customer to make the most from the IP connectivity services, protecting your location from potential attacks from outside and simultaneously building secure VPNs.

Endpoint Protection

Solutions deployed on endpoint devices to prevent file-based malware attacks, detect malicious activity and provide the investigation and remediation capabilities needed to respond to dynamic security incidents and alerts.

  • TelsyVHero: TelsyVHero is an integrated endpoint protection solution, designed and developed in Italy by Italian experts and technologies, with anti-virus, anti-spyware, anti-malware, anti-ransomware crypto-malware protection features, which aims to identify, isolate, and remove viruses and malware, protecting servers and working stations.
  • EDR: Endpoint Detection and Response (EDR) is a workplace (endpoint) security solution that combines continuous real-time monitoring and data collection with automated rule-based analysis and response capabilities.

Application & Cloud Security

Security for applications and cloud technologies without compromise or borders.

  • DDoS Protection: DDoS Protection is the security solution managed by specialized personnel from the Security Operation Center (SOC), active 24/7, that protects the company’s business from Distributed Denial of Services (DDoS) cyberattacks, safeguarding the availability of online services.
  • Web Application Firewall: Host Protection is the cloud-managed web application security service designed for businesses that need to protect their web apps from attacks or need to monitor sensitive business data and comply with regulations.
  • DNS Security: The service reduces risks associated with internet browsing, through anti-phishing and malware containment capabilities. It allows the activation of DNS content filtering activities to block access to certain categories of sites according to customer needs. The service is also available in a dedicated version to multi-site customers with more than 25 users, so as to allow autonomous management of their surveys.
  • E-mail Protection: Solution that protects employees from malware threats (malicious attachments or links), credential phishing email fraud, and attacks via social channels. It is a solution that scans and/or blocks incoming emails to the SMTP gateway for viruses, spam, and malicious codes.

OT Security

Safety component linked to customers and organizations that make extensive use of smart systems, robotization and processes, and production automation.

  • Dark Trace & Nozomi: Telsy offers solutions for monitoring and identifying anomalies of industrial systems and IoT devices, using Artificial Intelligence platforms.

Products

Products and solutions monitored and distributed by Telsy.

  • Virus Total: Virus Total is an ecosystem that, unlike other services, operates a public and free website to which any user can send and share hypothetical threats (URL files, domains, IP addresses) to have them scanned and classified. It processes, understands, and correlates files, URLs, IP domains, etc. with the internal database. Virus Total can be integrated with any existing and existing infrastructure.

Monitoring, Detection & Response

Thanks to technologies, infrastructures, and the dedication of its experts, Telsy provides customized solutions that allow the user to manage their security perimeter independently and on-premise.

A pillar of Telsy’s capabilities is OMNIA, an integrated cybersecurity platform that leverages the combination of its three components to provide highly specialized functionality. The first component is MIRO, a SIEM solution able to monitor customer infrastructures thanks to Artificial Intelligence. ODINO is the Threat Intelligence Platform that collects cybersecurity feeds from various open and closed sources, merging them with analyzes carried out internally by Telsy. The integration between ODINO and MIRO continuously updates the latter on the latest threats in order to improve and speed up analysis and correlation. The last component is OLIMPO, a Decision Intelligence platform that uses the most sophisticated AI algorithms to collect and analyze unstructured data (such as, for example, those coming from social platforms or the Dark Web) and correlate them with the information present on the knowledge base in order to enrich and improve it, at the same time providing support to operators to facilitate them in investigations and in making important decisions.

iSOC - Monitoring & Response

Security monitoring implies the collection and analysis of information, to detect suspicious behaviors and unauthorized system modifications on a network, defining alert/warning targets and countermeasure procedures based on the needs identified.

  • Security Monitoring: The service allows monitoring of potentially harmful events on the whole ICT infrastructure, optimizing the collection, analysis, alert & report of critical events, minimizing risks, building a log management, and raising the security level. The service is remotely operated by Telsy SOC personnel and is managed through our OMNIA proprietary solution.
  • Cyber Incident Response: The service is provided by SOC through a consultancy activity and it provides operational and forensic support to companies that have suffered cyber incidents, suggesting indications and steps to take in order to re-establish Business Continuity.

Cyber Threat Intelligence

Cyber Threat Intelligence represents the intelligence capacity developed in the cybersecurity field. Include the collection and analysis of information in order to characterize possible cyber threats from a technical, resource/motivation, and purpose point of view, often concerning specific operational contexts.

  • Company Threat Intelligence: The service allows to identify vulnerabilities and criticalities relating to the domain, its subdomains, IP addresses, and e-mails from public sources (OSINT) or Dark / Deep Web (CLOSINT). Thanks to the daily monitoring it is possible to identify the permutations related to Domain Squatting, Typosquatting, or IDN homograph techniques. The output of the service is a report, prepared by Telsy’s Cyber ​​Specialists, which provides an overall view of the critical issues and the relative exposure to Data Breach risk.
  • Early Warning: The service supports the organization in promptly reducing the exposure to cyber-risk, by providing real-time and complete information about software and hardware vulnerabilities identified in the customer’s ICT architecture. The analysis of public sources (OSINT) allows to send notifications or weekly reports typically before vendors to mitigate cyber risk and reduce detection times.
  • Threat Intelligence Feed: The service aims to provide analysts and incident responders with “actionable intelligence”, that is an analyzed, contextualized, timely, accurate, and relevant information. In fact, Telsy through a “Threat Intelligence” feed makes available to its customers a wide range of information sources on cyber threats. These sources (OSINT, CLOSINT and from research and analysis activities on threat actors and emerging threats on the network made by Telsy’s internal “Threat Intelligence” team) produce an information flow that, implemented within its own systems and its defensive infrastructures, allows to constantly monitor the activity of the main malicious actors and increase protection against complex cyber threats.
  • Threat Investigation: The service consists of a specialized activity aimed at identifying and collecting evidence attributable to a specific attack campaign. The goal is to validate, understand and react to events, so as to prevent them or mitigate their impact. The Threat Investigation service provides the production of a technical report containing the following information: description of the analyzed event; description of the IoC involved in the event analyzed; enriching IoCs with threat intelligence information held by Telsy; detection rules drawn up following the analyzed IoCs.

Decision Intelligence

The Decision Intelligence service is offered through a modular platform based on innovative technologies of Machine Learning and Natural Language Processing, that allows to integrate and process real-time data inside and outside the organization to provide decision-makers with the key elements to make time-sensitive decisions and at the same time automate often time-consuming analytical processes.

  • TelsyOlimpo: This is the Decision Intelligence platform that is based on Machine Learning and Natural Language Processing technologies, allowing to integrate and process real-time data internal and external to the organization to provide stakeholders with the key elements to make time-sensitive decisions and at the same time automate time-consuming analytical processes. One of the specific operational contexts of TelsyOlimpo is VIP Digital Protection, a module capable of collecting and analyzing data by contextualizing the various risk profiles of the exposed subject.

Red Team

The Offensive Cyber Capabilities (OCC) are the combination of people, technologies, and organizational features, that jointly enable offensive cyber operations, i.e. the inconsistent manipulation of cyber services and networks. Through tools, artifacts, personnel, and intelligence capacity, in line with the international security directives, Telsy focuses its OCC on the relative (de-)escalation potential, in terms of diplomatic tension, instability, or balance of power.

For further information: solutions@telsy.it