Cybersecurity, SOC, Endpoint Monitoring

Network Security Monitoring

Quest’s Network Security Monitoring provides network intrusion detection using either physical hardware or a virtual appliance.

Suspected threats are segregated for AI-enabled analysis using Quest’s analytics platform, Security Information and Event Management (SIEM), threat intelligence, and 24/7 365 Security Operations Center. This solution can detect potential threat activity on your network like command and control connections, denial of service (DOS) attacks, data exfiltration and reconnaissance.

Quest’s Network Security Monitoring Services:

Denial of Service (DoS) Attack

Identifies unusual traffic from organization-owned devices being used to perform a denial of service attack

Cross-Site Scripting

Identifies web server-client network traffic patterns indicating cross-site scripting attacks (XSS)

SQL Injection

Identifies Layer-7 network signatures indicating a SQL injection attack designed to exfiltrate data from vulnerable web applications

FTP & Cloud Storage Exflitration

Monitors network traffic over protocols that facilitate large data transfer and alerting when unusual quantities or file types are being transferred, or when the target is unknown or malicious

Command & Control Communication

Correlates network traffic to discover malware communicating with external attackers, which is a sign of a compromised account

Log Security Monitoring

Quest’s Log Security Monitoring is a managed security product that collects, aggregates, and normalizes log data from hundreds of sources for AI enabled analysis using:

Quest’s analytics platform
No remediation
Threat intelligence
24/7/365 Security Operations Center

Quest’s platform will identify threat-like behavior in systems such as impossible logins, multi-factor bypass, coordinated attacks, and rogue agents.

Quest’s Log Security Monitoring Services:

Cloud Infrastructure Attacks

Alerts on threat-like behavior in Amazon Web Service (AWS) services

Unauthorized Access

Monitors who is accessing devices and where they connect to, and alert when source or target is unknown or suspicious

Compromised User Credentials

Uses behavioral analysis to detect anomalous behavior by users, indicating a compromise. For example, logins at unusual hours or at unusual frequency

Anomalous Privilege Escalation

Detects users changing or escalating privileges for critical systems

Third-Party Violations

Monitors activity by external vendors and partners who have access to organizational systems, to identify anomalous behavior or escalation of privileges

Multi-Vector Attacks

Correlates data from multiple sources to get consolidated visibility of multiple attacks

Office 365 Log Collection & Correlation — Powered by AI

Quest’s Office 365 Security Monitoring is a managed security solution that monitors Office 365 activity using our AI powered analytics platform, SIEM, threat intelligence, and 24/7 365 Security Operations Center to identify threat-like behavior such as unauthorized access to cloud mailboxes, admin changes in the environment, impossible logins, and brute force attacks.

Quest’s Office 365 Security Monitoring:

Malicious Admin Changes

Tracks admin activity and changes to the O365 tenant

Unauthorized Delegate Access

Tracks email delegate activity such as movement or deletion of data

Failed or Unauthorized Access

Detects failed or suspicious login attempt

MFA Removed

Detects changes to MFA

Foreign Login

Monitors geolocation access with IP location sourcing and login from suspicious or unusual countries

Impossible Login

Detects logins from different geolocations within a short period of time

Suspicious Email Forward

Alerts when email forwarding rules have been created outside of the domain

Endpoint Protection

Quest Endpoint Protection is an integrated threat prevention solution that utilizes our own streaming-data analytics platform. The product combines the power of AI to block malware infections with additional security controls that safeguard against script-based, file-less, memory, and external device-based attacks and is backed by our Security Operations Center.

Quest’s Endpoint Protection protects businesses from the next generation of threats and attacks without compromising business functionality.

AI Based

Field-proven AI inspects any application attempting to execute on an endpoint before it executes

Automatic Blocking

Maintains full control of when and where scripts are run in the environment

Memory Exploit Protection

Proactively identifies malicious use of memory (file-less attacks) with immediate automated prevention responses

Zero-Day Protection

Resilient AI model prevents zero-day payloads from executing without the need for a signature

Fully Managed

Rest easy knowing our Security Operations Center manages your endpoint protection

Lightweight

Whisper-quiet background prevention ensures business operations are not disrupted

Full-spectrum

Full-spectrum autonomous threat prevention simplifies the security stack

Offline Protection

Delivers prevention against common and unknown (zero-day) threats without a cloud connection