Protect Your Data
Trained analysts monitor your network for issues, reducing the impact of a potential breach.
Monitor your existing OT, IoT, or traditional infrastructure without the need for endpoint agents.
Extend Your Investments
Capitalize on security investments, including endpoint, firewall, & behavioral analytics technologies.
Source Data Agnostic
Monitor anything that security systems produce, whether on-premises, in a remote office, or in the cloud.
Real people hunt for threats, investigate them, and respond with incident action plans.
Every customer has a dedicated advocate in the Security Operations Centers—the Critical Insight Success Engineer—who has a deep understanding of the customer’s specific needs and assets. They serve as the central communication point while a team of Critical Insight Analysts investigates threats and evaluates the need for an Incident Action Plan (IAP).
Solving the people problem
Our team includes experienced Security Analysts with decades of military, government, healthcare, and private sector experience.
Investigations and IAPs
Alerts and incidents go through full, expert investigations. When action is required, we provide clear & complete Incident Action Plans with post-incident monitoring & recovery assistance.
Critical Insight SOCs
CI Security performs annual Type 2 SOC 2 examinations for multiple Security Operations Centers and provides continuity of service, even in the event of a natural disaster.
Packet capture remains behind your firewall, with only metadata sent—fully encrypted—to the Critical Insight Data Center, keeping PHI/PII on-premises.
Critical Insight Managed Detection and Response integrates seamlessly into your existing architecture.
The Critical Insight Managed Detection and Response platform receives logs from our on-premises collector, the cloud, or hybrid environments. Our best-in-class technology then prioritizes alerts to send to the Critical Insight Expert Analysts for investigation in the security operations centers.
Packet capture on the Critical Insight Collector and network-based ingest create full visibility, including IoT, with Syslog and NetFlow for additional context.
Detailed audit logs through CloudTrail, events retrieved through CloudWatch, and alerts sent by AWS GuardDuty.
Logs from Blob storage from MS Graph API & Azure Event Hubs and events in Azure services.
Logs & alerts using Microsoft Cloud Application Security (MCAS) and user behaviors in O365 applications.
Our expert analysts can take a proactive stance on your network to rapidly quarantine threats before they can attack and fully compromise the system.
Our Critical Insight Success Team works directly with organizations to set up a detailed “playbook” that outlines when and how the analysts can intervene during an active cyber threat. If a threat emerges, CI Security can log into network switches and disable individual ports or the entire switch. The team also has the ability to disable network user accounts.
Detailed Network Diagram
The first step is to fully understand your network and how everything is connected, so that the team knows what devices are attached to a port.
By clearly outlining when analysts can quarantine with and without approval, as well as when not to quarantine a threat, we ensure that your system will be minimally impacted in the event of a cyber security incident.
Add a full-service security and compliance suite to your existing infrastructure.
Managed Detection & Response
Critical Insight Security Analysts monitor anything that your security systems produce, whether on-premises, in a remote office, or in the cloud.
Continuous Vulnerability Identification
Set up custom scans on your network at the frequency that you choose, eliminating the risk of waiting for next year’s scan.
Manage log collection for AWS and on-premises networks. Your logs are encrypted, hashed, and securely stored for the amount of time you need.