Do not leave your productivity and the security of your IT infrastructure to chance.
To succeed against the competition, you need clear advantages. We offer you the best foundation: a modern, secured IT infrastructure aligned with your business goals, with which you can make the most of your productivity and efficiency.
Since 1985, microCAT GmbH has stood for holistic, cost-efficient solutions and services in IT: from consulting to the provision of hardware and software, from system installation through to day-to-day operation. In doing so, we are guided entirely by your goals and offer you a maximum of customer proximity and service.
Your success is our success
Our strongest drive is our enthusiasm: we are not satisfied with the first solution that comes along, only with the very best. After all, your success is our success too: more than 120 employees of the microCATgruppe at all locations in Germany give their all every day so that our customers can give their all in the competition.
No matter what demands you place on your IT: we take care of it.
So that you can concentrate fully on your business.
Enforcing privilege security on both endpoints and critical servers is a fundamentally important part of any organization’s security program. CyberArk Endpoint Privilege Manager is a comprehensive solution that enables organizations to block and contain attacks on endpoints and servers to reduce the risk of information being stolen or encrypted and held for ransom.
A powerful combination of privilege management and application control reduces the risk of malware infection on Windows and Mac endpoints. Unknown applications can run in a restricted mode to contain threats while maintaining productivity, and behavioral analysis identifies and blocks credential theft attempts. These critical prevention and protection technologies are deployed as a single agent to strengthen your existing endpoint security.
Automated policy creation generates privilege elevation and application control policies based on trusted sources
Privilege management for IT administrators limits which privileges, scripts and commands administrators may use on Windows machines based on role
On-demand privilege elevation automatically provides users with the privileges necessary to run trusted applications and carry out authorized tasks
Application control on endpoints and servers prevents known malicious applications from entering the environment and reaching critical servers
Integration with Check Point, FireEye and Palo Alto Networks solutions enables the automated analysis of unknown applications
“Greylisting” enables unknown applications to safely run in restricted mode
Behavioral analysis helps organizations detect and block attempted theft of Windows credentials and those stored by popular web browsers
Threat detection capabilities scan the original source and, if it is found to be malicious, proactively scan the environment for other instances
Automated policy updates block malicious executables from propagating and running on all computers
Ransomware Protection lets you define filetypes that are permitted on a writing target. The agent will detect and stop unauthorized access to protected file types even if an attacker uses scripts.
Deployment options are Microsoft Group Policy (GPO), On Premise Server and SaaS
Provide an additional critical layer of protection when an attack evades traditional perimeter and endpoint security controls
Protect against malware and non-malware based attacks with comprehensive security on the endpoint
Leverage a unique combination of technologies to protect against, block and contain attacks on the endpoint, reducing potential damage to the business
Strengthen the prevention, protection and detection capabilities of existing endpoint security solutions
Protect Windows servers, desktops and Macs from credential theft by stopping unauthorized lateral movement and privilege escalation through stolen credentials (or hashes)
Prevent users from installing unsanctioned applications that cause workstation instability, resulting in helpdesk calls and increased support costs
Enable removal of local administrator rights without reduced user productivity and increased helpdesk calls
Ease deployment and management with single-agent installation, automated policy creation and choice of delivery methods
Deploys within a few days depending on size of environment and number of applications
An intuitive GUI and, in most cases, self-explanatory controls allow quick integration
Disclaimer: All mentioned product and company names are trademarks™ or registered® trademarks of their respective holders. All specifications are subject to change without notice.
Consolidated Log Management, Real-Time Threat-Detection and Big-Data-Analysis with Logpoint SIEM
Many companies already use monitoring solutions, some of them free, to receive notifications about critical system states. However, the signal often gets lost in the background noise of other information, and not every administrator can understand every sophisticated protocol language in their environment. An important step toward improving this situation is the implementation of a Security Incident and Event Management System (SIEM). A SIEM collects all logs centrally, transforms them into a common language (normalization) and classifies them. During classification, the SIEM distinguishes between “normal” status reports, warnings and error messages. This meta-information allows an administrator to run a targeted search for an error once the IT department receives a problem report.
Today, important logs are often not analyzed even though the source data is already available and the potential insights are relevant to IT security. Centralized log management harvests all the relevant data, performs the analytics and alerts you to anomalies. A SIEM also correlates logs that share a common cause even when the data originates from different IT components and databases.
microCAT endorses LogPoint SIEM for the following reasons:
LogPoint is a European vendor
During a support case, clients might need to share personal data; it is therefore important that the contracting partner is also subject to the new European General Data Protection Regulation (GDPR 2018). Additionally, the Common Criteria EAL 3+ certification attests to LogPoint's trustworthiness up to NATO standards. LogPoint offers numerous compliance reports which are important for German clients.
A transparent license model
LogPoint licenses based on IP addresses. This allows a precise calculation of costs. Furthermore, hierarchical storage management (HSM) is built in, and agents and a search engine are integrated as well. In case of a migration, all elements of the SIEM are covered by one vendor, minimizing dependencies.
Intuitive solution handling
Intuitive handling allows a quick start within a few days. Because the only things administrators need to learn are the methodology and the query statements, the learning curve is short, delivering a quick return on investment.
Big data adapts to your organizational structure
If you would like to attach branch offices, you simply add SIEM servers as log collectors. They send compressed and encrypted data to a central big data repository. Multi-tenancy capabilities using NoSQL technology let you ensure that everybody sees only the data within their responsibility, without sacrificing a centralized overview.
Scale to your demands
The software appliance can be deployed either on virtual machines or on premise. Functional roles can be distributed as well, offering you great flexibility.
More than 650 ready-to-use data sources and over 5000 queries
You will find the most important questions already prebuilt into the product in a modular way. Regardless of whether you would like to attach a new data source, query distinct information, or dynamically create a dashboard, you will either find it already integrated or you can download the component from the vendor. Examples include compliance reports for ISO 27001 and PCI DSS.
Outstanding value for money
Many companies postponed the introduction of first-generation SIEM systems for fear of high prices, complexity, and expensive databases and search engines. New products have now lowered entry prices to the smaller five-digit euro range. Implementation effort in particular has shrunk, benefiting from a new modular design.
Identification of Risky Endpoints and their Targeted Management with Rapid7 Nexpose and Insight-VM
microCAT uses products from Rapid7 to identify and remedy vulnerabilities because these products provide up-to-date information about which endpoint currently poses the highest risk to your network. The parameters used to provide you with this information are:
How old is the vulnerability?
Is there a patch available?
Does the vulnerability pose a high or low risk for the application?
Can the vulnerability easily be exploited for an attack?
Are there already known exploits, or is there even a lot of malware exploiting it?
Is the endpoint important for your IT operations?
Rather than merely displaying a vulnerability by highlighting a match with a database of Common Vulnerabilities and Exposures (CVE), Rapid7 builds a unique risk factor for each system and provides you with guidance for remediation by outlining the nature of the problem and pointing you to the sources of patches and hotfixes.
The software comes as a perpetual offering (Nexpose) as well as a SaaS offering (Insight-VM). Both options require only limited implementation time, thus delivering a quick return on investment.
Clients with large IT environments appreciate the ability to aggregate patch requirements into projects and delegate duties to specific employees. Geographically or organizationally distributed environments benefit from clear communication of action items, avoiding time-consuming coordination by mail or phone.
Vulnerability scanner for an unlimited number of IP addresses
Run one scan for multiple compliance reports
Automatic vulnerability updates and Microsoft Patch Tuesday vulnerability updates
Scan scheduling and alerting
Advanced report and scan customization
Open API™ and third-party Integrations
Virtual scanning (VMware NSX)
Dynamic discovery scanning (VMware, Mobile)
Adaptive Security with automated actions
Dynamic, Live Dashboards with 50+ Cards
Live data querying*
Microsoft Azure Support
Dynamic asset groups and tagging
Report templates and uploading
Integrated vulnerability validation with Metasploit
Custom tags and system criticality tags
Executive and remediation reporting
User role customization
Live assignment of remediation duties*
In-product tracking of remediation progress*
Ticketing integrations (API)
Ticketing integrations (In-Product)*
(Items marked with a * are only available in Insight-VM)
Penetration testing software to help you act like the attacker
Attackers are always developing new exploits and attack methods—Metasploit penetration testing software helps you use their own weapons against them. Utilizing an ever-growing database of exploits, you can safely simulate real-world attacks on your network to train your security team to spot and stop the real thing.
Get access to real-world exploits via the Metasploit Framework, maintained by 100,000+ contributors and users
Automatically correlate the right exploits to the right vulnerabilities—just import your assets and let Metasploit Pro do the rest
Filter out dangerous exploits to enable anyone to conduct a safe penetration test, regardless of experience
Test user awareness with intuitive phishing and USB drop campaign wizards
Utilize antivirus evasion techniques, just like hackers do, as well as post-exploitation modules to dive further into a network after an initial breach
Integrate Metasploit with InsightVM to create the only closed-loop penetration testing and vulnerability management workflow and prioritize what matters most
Simulate every step in the kill chain to ensure your incident detection and response team can catch attackers at any stage
SPYRUS of Silicon Valley, California, USA is a Microsoft partner that delivers security solutions to work with the Microsoft ecosystem. Our suite of self-encrypting storage devices includes 'Windows to Go' live drives that turn personal computers into compliant enterprise Windows 10 desktops from a USB 3.0 device that can be carried in your pocket, with or without connectivity. The drive boots the operating system directly from the AES-256 hardware-encrypted compartment and completely bypasses the host computer’s drive. No footprint is left behind when the drive is shut down.
Many professionals who are not particularly tech savvy need data protection solutions that are secure but neither intrusive nor complex. With the potential for escalation of the aircraft ban on computing devices, checking a laptop holding enterprise-specific applications, stored passwords and other sensitive data is not very attractive.
All of the SPYRUS security devices share a common cryptographic processor (our Hardware Security Module (HSM) branded "Rosetta®") and are fully validated at FIPS 140-2 Level 3. All of these tamper-proof devices can also be managed from a central, on-premise management console that allows an enterprise to set controls on each device, such as domain locking, locking the device to specific workstation(s), encrypted data recovery, device locking, kill and other customization options, including the use time-out duration. They can be used as hardware encryption keys for existing devices. (Note: the management console, the SPYRUS Enterprise Management System, is also provided via a managed cloud service.)
The SPYRUS self-encrypting devices come in various form factors to support different platforms and use cases. The USB 3.0 devices are available as Solid State Drives (SSD) from 32GB up to 2TB, for storage or as the bootable version described above.
The Rosetta microSDHC card with TrustedFlash™ configuration enables AES-256 hardware encryption to provide the strongest commercially available data and private key protection for use with public-key-enabled applications. It is designed from the ground up to bring high-assurance information protection to mobile devices, laptops and tablets such as Surface Pro 4 and 5 for data at rest and in transit. Its convenient form factor enables secure data storage for devices with limited USB ports or devices that only have microSD slots, without the USB device protruding from the platform. The Rosetta microSDHC is available from 256Mb, up to 64Gb of flash memory.
The PocketVault P-3X USB 3.0 encryption device is a high-security, use-anywhere XTS-AES 256-bit hardware encrypting SSD device that protects data like a bank vault. The combination of USB 3.0 and SSD storage adds up to the fastest performance available.
NcryptNshare™, in conjunction with the above hardware-encrypted, smart-card-enabled devices, supports the multiparty collaboration features of the NcryptNshare applications for end-to-end encryption and sharing between verified senders and recipients to protect data in transit and at rest. The NcryptNshare product line provides encryption, authentication, and collaborative information sharing across Microsoft Office, Office 365 and commercial Cloud Services products.
The convenience of SPYRUS for you and your users is that there is no encryption software to wrestle with or be trained on. Software encryption solutions tend to slow down computing devices and always rely on simple vulnerable password methodology. Our devices encrypt all data and, with embedded smart card functionality, can be used for strong authentication. If passwords are chosen for activation, they are never stored due to proprietary firmware algorithms driven within the Rosetta HSM.
Why trust today’s data with yesterday’s security? Protect your data at rest and at work with SPYRUS www.SPYRUS.com.
The Promisec Promise: Integrity Across all your Endpoints!
Promisec Inc, a company headquartered in the US with R&D in Israel, has provided an agentless endpoint management platform since 2004. Over 450 corporate customers worldwide are using Promisec products to See, Analyze and Fix IT Security policy deviations in their endpoints.
The Promisec Endpoint Manager (PEM) patented technology makes sure that the configuration of your endpoints always meets your compliance requirements. This will contribute to:
Security of the endpoints vs. WannaCry/Petya/CCleaner breaches
Smoother internal & external audits
Enhanced compliance with legal requirements
Cyclic compliance scans assure constant endpoint integrity with the corporate policy and help you identify misconfigurations or vulnerabilities. Centralized remediation can cover multiple platforms. Automating tasks reduces the workload of your valuable security specialists.
Promisec assists you in the prevention & response to:
Zero Day Attacks
Requirement for an immediate analysis or configuration change of all your endpoints
With its reports and dashboards, PEM provides a bridge and common language between the IT Security Team and IT Operations. The offering is a holistic tool that assists you with the adoption of sophisticated security requirements and contributes to enhanced regular endpoint operations and control.
Agentless Monitoring of complete IP Networks
Promisec Endpoint Manager (PEM) does not need agents to monitor endpoints. So, it will not disturb your operations compared to solutions that require an agent installation. It will also allow you to find and query machines slipping through your standard net supervision.
Working with IOCs to detect security breaches
The Information Security Team can use Indicators of Compromise (IOCs) to identify systems that are out of compliance and may be affected by known malware.
Locating ‘Zero Day’ attacks using the ‘Wisdom of the Crowd’
With Promisec’s File Reputation module you can scan the hashes of all running processes and get their file reputation through Promisec’s integration with its third-party partner, Reversing Labs.
This can locate suspicious ‘Zero Day’ hashes running on your endpoints almost immediately.
Central Endpoint Management
Immediate remediation after the identification of a vulnerability or misconfiguration:
Uninstallation of ‘Black Listed’ software
Installation of missing ‘White List’ items
Stopping or Starting of Services
Management of the Power Supply
Any other remote action on the endpoints
A native integration of the Common Vulnerabilities and Exposures Database (CVE) based on the NIST CVE.org DB gives the Security Team visibility into the risk scores per endpoint and the required patching.
Dynamic and Gapless hardware/software inventory of all endpoints
PEM allows you to inventory software packages and hardware from all endpoints based on registry evidence. This allows alignment with the number of purchased licenses and enables you to find potentially harmful software, such as scanners, keyloggers etc. It also allows you to ensure that software components are up to date and installed in the context of their correct hardware metrics.
Pitch your IT against international standards or your “Golden Images”
Support for the most important international standards is built in. Examples include CIS Benchmarks, provided by the independent Center for Internet Security, and DISA STIGs, a collection of 400 IT policies used by the US Ministry of Defence to secure its IT assets. The support for SCAP and OVAL allows the Security Team to write policies for automated compliance checks against PCI DSS, HIPAA, NERC CIP and other regulations. Another option is to compare endpoints individually against your own ‘golden images’.
Promisec's solutions are available as perpetual on-premise software (PEM) or as an Azure-based SaaS subscription (Integrity).