STOP IT. Stop Ransomware

What We Do

Promero is a 20-year MSP and provider of industry-leading cyber security endpoint protection technology and managed threat detection & response solutions. Our clients benefit from an enhanced security posture without the introduction of operational complexity and disruption to their organization.

Our Mission

Our mission is to help companies and IT staff improve their ability to detect advanced threats across endpoint, network and cloud environments by providing advanced endpoint protection software or managed detection & response services, collaborating on investigations and automating the right actions to give you the best threat prevention possible.

Our Solution

Our solutions and services include the most advanced threat detection suite of tools specifically designed to stop ransomware. Solutions can be easily managed by an organization’s IT staff. If staff augmentation and additional offsite services are needed, we can also provide 24×7 security operations center services upon request.

What is Ransomware?

Ransomware is a type of malware from cryptovirology that threatens to publish the victim’s personal data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system so that it is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion. It encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.

In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem, and difficult-to-trace digital currencies such as paysafecard or Bitcoin and other cryptocurrencies are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Ransomware attacks are typically carried out using a Trojan disguised as a legitimate file that the user is tricked into downloading or opening when it arrives as an email attachment. However, one high-profile example, the WannaCry worm, traveled automatically between computers without user interaction.

Starting from around 2012, the use of ransomware scams has grown internationally. There were 181.5 million ransomware attacks in the first six months of 2018. This record marks a 229% increase over this same time frame in 2017. In June 2014, vendor McAfee released data showing that it had collected more than double the number of ransomware samples that quarter than it had in the same quarter of the previous year. CryptoLocker was particularly successful, procuring an estimated US$3 million before it was taken down by authorities, and CryptoWall was estimated by the US Federal Bureau of Investigation (FBI) to have accrued over US$18 million by June 2015.

In 2020, the IC3 received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million. The losses could be more than that according to the FBI.

Our Playbook: 10 Steps to Stop Ransomware

Based on the MITRE ATT&CK framework, our playbook assists organizations and security teams with the adoption of plans, technologies and actions needed to manage risk and stop ransomware.

  1. Senior Leadership Adoption: Make the organization’s head of security operations responsible for equipping their team with the resources and technology to prevent, detect, respond and improve cyber security strategy.
  2. Provide Tools to detect new techniques used by cyber criminals: One cannot wait for the attack to react. If you wait for the attack, you have little to no chance of stopping a ransomware attack. Ransomware typically lingers within a network undetected before launching. Detect the operational techniques of new cyberattacks and build analytics to cover detection.
  3. Security Analysts must be able to identify the right attack vectors found in a source device and define the logged event to create the right actions.
  4. Communication with the SOC engineers is important so that the right types of actions are audited and stored and the IT operations team can review logging levels and configurations.
  5. IT Security Managers must have authority to recommend audit and logging guidance within the organization’s security controls. By updating and communicating guidance, SOC engineers will have a better understanding of the accepted risk level for the organization.
  6. Build a multi-layered approach. Rather than having a one-size-fits-all policy, the ATT&CK framework outlines security postures based on the needs and risk profile of the organization. Focus efforts based on abstraction layer, application criticality, asset vulnerability and logging levels.
  7. Adopt Risk Based Alerting (RBA) technologies that are built on MITRE ATT&CK techniques. Eliminate and minimize alert fatigue.
  8. Security analysts must identify the data, logs and events needed to do the job of threat hunting, security monitoring or incident investigation.
  9. Penetration Testers should be tasked with finding weak points in the information network.
  10. Mandate and define the strategic and tactical security tasks and actions needed for incident monitoring and response.

XDR - Extended Detection & Response

24/7 Threat Management with 5 Minute SLA
1,000+ Security Experts Monitoring and Protecting Your Network

Who can most benefit from XDR?
The people who can best benefit from an XDR service are customers who have to address the challenge of data and information security in multiple environments, lack the ability in-house to map advanced threats against their security point solutions, have to meet compliance standards on an on-going basis, are moving to the cloud and are not exactly sure how to protect containerized environments, or worst of all – suffered a recent cyber attack.

Extended Detection and Response is a service that combines a fully managed suite of security technologies and services that scan for vulnerabilities.  The difference between stopping a threat in minutes versus hours can have significant impact on any organization. XDR delivers 24/7 threat detection and incident management with a 5-minute triage SLA to automatically protect against attacks on mission critical and high risk digital assets, and maintain and analyze logs for compliance and security issues for on-premises, cloud, and hybrid infrastructures. Our solution also helps companies comply with mandates such as PCI, HIPAA, GDPR, SOC 2, SOX COBIT; and standards such as NIST, ISO, and the CIS Benchmarks.

XDR solutions combine low cost, 24/7 monitoring and detection response with remediation services at a price 65% lower than DIY.

Promero, a 20-year veteran of managed services, will support and manage your SaaS-enabled XDR platform. XDR is designed to reduce both the likelihood of attack and the impact of successful attacks. The platform’s coverage spans clouds, networks, applications and endpoints, providing real-time insights into risks, vulnerabilities, remediation activities, configuration exposures and compliance status. In addition, you get the industry’s only network intrusion detection solution and log management for containers – allowing you to detect and visualize threats in real-time for any workload in any container (Docker, Kubernetes, Elastic Beanstalk, Elastic Container Service, CoreOS and AWS Fargate).

With more than 1,450+ highly trained and certified career experts, you truly are in secure hands. From threat hunters and handlers to scientists and researchers, protecting your organization is our sole purpose.

Key attributes:

  • Industry’s first SaaS-enabled extended detection and response (XDR) provider, delivering unrivaled security value.
  • Relentlessly analyzes threat activity providing detection and rapid response across endpoint, network and cloud environments
  • Scale your security and compliance efforts without complexity or hiring constraints
  • Get started detecting and responding to threats in as little as 30 days
  • Multiple security capabilities in one unified platform
  • Stop attackers in their tracks

Executing on a successful security program and proving its efficacy can be a daunting endeavor. Without skilled resources and proven processes to manage your program, you could be exposed to heightened risk and left with more questions than answers. Staying ahead of today’s cyber-threats requires both a proactive and a reactive approach to security that spans people, process, and technology. Yet, rarely are organizations up for the challenge at every stage of security, from risk identification and management to detection and response.

That’s where we come in. At Promero MDR, security is our core business. We have over 20 years of experience helping organizations advance securely by reducing the complexities of building a holistic security program. Our portfolio of managed services is designed to support organizations identifying and remediating risks and ensures a layered approach to defend against advanced threats. Our team of expert researchers, analysts, and advisors extend your team by providing the resources needed to advance your program, improve your security posture, and confidently respond to threats.

Why Managed Security Services?

Our experts partner with you to improve your detection and response, vulnerability management, and/or application security programs. Our mission is to accelerate your security program—no matter your current maturity level—with the tools, resources, and people necessary to protect your business.

  • Receive tailored service based on a deep knowledge of your environment and security goals
  • Be guided by security advisors with strong technical expertise to mature and evolve your program
  • Rely on operations analysts who provide ongoing support for configuration, tuning, and/or monitoring of your service
  • Receive detailed reporting with prioritization of findings, next steps, and remediation guidance

Managed Vulnerability Management

Let our experts help you build or improve your vulnerability management program and protect your network assets. Gain a comprehensive picture of threat exposures and global criteria for risk prioritization to facilitate timely remediation across your environment:

  • Leverage real-time threat intelligence insights combined with a deep understanding of your environment to improve vulnerability discovery, prioritization, and remediation
  • Build trust in a high fidelity approach to actionable prioritization with our Real Risk score
  • Demonstrate progress against program goals with robust reporting and metric-driven scorecards

Managed Application Security

Your web applications are the digital lens through which the world views your business. Partner with our application security experts to effectively assess, report on, and improve your application security posture.

  • Account for modern application frameworks like SPAs and APIs
  • Streamline results to the subset of vulnerabilities that present real risk with high-fidelity reporting and vulnerability validation
  • Support internet-facing and internal applications

Amazon Web Services Security Review

We provide a FREE AWS Security Assessment
Absolutely no charge or obligation

The AWS Security Review is a free-of-charge professional services engagement delivered by trusted AWS Consulting Partners and powered by Alert Logic’s industry-leading security solutions. It provides you with a clear understanding of your current security posture and exposure to threats, and grades you against the Center for Internet Security (CIS) Amazon Web Services Foundations Benchmark.

The outcome of the assessment is an evidence-based report that the AWS Consulting Partner will deliver to you. It summarizes the security posture of your AWS account(s), grades them against the CIS Amazon Web Services Foundations Benchmark and helps you understand how to improve in order to align with established best practices.

Cybersecurity Maturity Model Certification

HIPAA Audit | PCI | SOX | ISO | Pen Test

16+ Audits, Assessments & Certifications
275+ Certified Auditors | 1000+ Customers Worldwide

We provide assessment and certification services for a broad spectrum of cyber security services that meet the needs of companies required to certify to HIPAA Audit, PCI DSS, HITRUST, SOC 2 Type II, ISO 27001, PCI PIN, PCI P2PE, PCI TSP, PA DSS, CSA STAR, GDPR, SWIFT, NIST (SP) 800-171 and FedRAMP. We are committed to empowering organizations in healthcare, financial markets, government contracting, education, and more to develop and deploy strategic information security and compliance programs that are simplified, cost effective and comprehensive in both on-premise and cloud environments.

Heard about the newest Cybersecurity Maturity Model Certification (CMMC) regulation that went into effect? The rule requires every entity that works on Department of Defense contracts to complete a complex cybersecurity self-assessment, and submit the results to the government.
Know much about NIST (SP) 800-171?

Our Team:

  • Average experience of Security Assessors is more than 15 years.
  • We go “beyond a checklist auditor” and follow a consultative and partnership approach to help customers get compliant and remain compliant with HIPAA, SOC, PCI DSS and more.
  • We provide, if needed by our clients, Continuous Compliance Quarterly Services, which businesses can utilize as a package to help kick-start compliance (and maintain compliance) instead of having to spend separately on security products and managed security services.

Our assessment methodology includes assigning a Compliance Assessor to each customer.

Qualified Security Assessor (QSA) – your expert who guides your compliance journey:

  • Partner with you to help you meet all compliance requirements
  • Explain to you what evidence is required for each compliance requirement
  • Evaluate the evidence provided
  • Work with internal Quality Assurance (QA) Team and Security Testing team to help you achieve compliance
  • QSA will be supported by a Project Manager (PMO) with the following responsibilities
  • Track milestones including scoping, 50% pass, 100% pass of evidence and release of reports internally
  • Escalate potential risks to meeting deadlines to management

Your emails could be compromised.
92% of all breaches start with email phishing scams.

Email Exposure Report

Many of the email addresses and identities of your organization are exposed on the internet and easy to find for cybercriminals. With that email attack surface, they can launch social engineering, spear phishing and ransomware attacks on your organization.

The Email Exposure Check report identifies the at-risk users in your organization by crawling business social media information and now thousands of breach databases.

First Stage

Does deep web searches to find any publicly available organizational data. This will show you what your organizational structure looks like to an attacker, which they can use to craft targeted spear phishing attacks.

Second Stage

Finds any users that have had their account information exposed in any of several thousand breaches. These users are particularly at-risk because an attacker knows more about that user, up to and including their actual passwords!

Your Report

We will email you back a summary report PDF of the number of exposed emails, identities and risk levels found. You will also get a link to the full detailed report of actual users found, including breach name and if a password was exposed.

Employees must receive training.

600+ Courses | 35,000+ Customers

Employees with access to PHI, PII, financial or confidential information must receive training.

World’s largest integrated platform for security awareness training combined with simulated phishing attacks. Join our more than 35,000 customers to manage the continuing problem of social engineering.

Contact Promero today to learn about low cost e-learning security awareness training courses that comply with HIPAA and PCI requirements.

The Health Insurance Portability and Accountability Act requires employees with access to Protected Health Information (PHI) to receive training to ensure that they understand the correct privacy and security practices associated with PHI. This includes staff members of any clinical, housekeeping, dietary, clerical, and contract workers. Anyone who has direct or indirect access to patients’ PHI needs HIPAA employee training and security awareness training. All CFISA e-learning training courses are designed to comply with the requirements of the Americans with Disabilities Act (ADA) Section 508.

If ransomware or data security concerns you, PromeroMDR provides affordable network security, professional services and staff augmentation.

Cybercrime and exploits are up 400%. Attackers could be inside your cloud, data center, IoT and enterprise. It starts with a Pen Test. You need to know what you don’t know. You need to detect and stop threats BEFORE they cause damage. PromeroMDR will help you understand if your network is at risk of a breach or if your data is currently sold on the Dark Web. Now is the time to invest in Network Detection and Response (NDR) to find and stop threats that are inside your organization. PromeroMDR’s Security Services help you deploy faster, reduce security risks, and get the most out of your Cyber Security Strategies. We can provide security services as a managed service or help your IT Department become more secure with the latest technology and solutions. We support you through every step of your journey, from formulating your cybersecurity strategy to deployment, ongoing policy refinement, continuous reporting, and risk assessment. Our experienced staff will guide you every step of the way.

Incident Detection and Response

Stop an intrusion before it causes damage. See, correlate, and detect more ― faster. Handle an incident properly to avoid bigger problems that can lead to a damaging data breach or system collapse. Detect and respond to an incident quickly with UnderDefense and let us help you minimize losses, mitigate exploited vulnerabilities, restore services and processes, and reduce the risks.

Penetration Testing

– Find the holes in your network and application;
– get a real-world experience in dealing with an attack;
– train developers to make fewer mistakes;
– determine the feasibility of attack vectors.

Penetration testing that keeps pace with an evolving attack surface. And most important of all – see how well prepared your security team is to remediate the threat.

Advanced Threat Prevention

Get organized, analyzed and refined information about potential or current attacks that can threaten your organization and are relevant to your specific business. We’ll help you understand the risks of the most common and severe external threats that could do the most damage to your organization.

Virtual CISO

Work hand-in-hand with Promero’s Virtual CISO to set a sensible roadmap of security objectives that you can predictably work through over time. Expert security advisory service for businesses of all sizes. Experts in managing security programs, our vCISO is ready to help build your security infrastructure and maintain the security processes that need constant management and improvement.

Vulnerability Management

Our Vulnerability Management processes include operations such as checking for vulnerabilities and identifying, verifying, mitigating and patching them. Get a risk-based view of your entire attack surface so you can identify and prioritize vulnerabilities. We analyze network scans and pen test results, firewall logs or vulnerability scan results of your organization to find anomalies and help you figure out how to prevent vulnerabilities from being exploited.

Security Landscape Assessments

Promero guides you to make smart security investments by prioritizing and focusing on the high-importance, high-payoff items. Demonstrate to your customers that security is important to you — to show that you care about them and their data. Having an independent third party to do your security assessments is your check and balance that your security controls and processes are in place and are, in fact, working.

Compliance and Regulations

Compliance starts with a complete understanding of, and maintaining compliance with, any standard regardless of industry. Using a combination of automated network and computer data-gathering and responses to built-in online questions, this service will discover and report on every issue of non-compliance along with a remediation plan to address what is discovered.

Security Certifications