"They helped interviewing IT staff."
Malware Support Agreement
You may choose to retain the service of our incident response team in preparation for a cyber incident. When a successful attack occurs, our specialists will try and quickly recover your critical systems and work with you to remove any back doors that an attacker will have created.
We bring technical knowledge, equipment, and experience.
We have the technical knowledge, equipment, and experience you do not need in your day-to-day operations. We ensure that we recover your systems and do not destroy or compromise data that can help law enforcement prosecute the culprits.
Many years of experience have taught us that no “one solution fits all problems” and nothing is as easy to solve as they say it is. It will either cost you too much, or it will not solve your problem, which will cost you even more.
Perhaps you are backing of servers and databases that haven't changed? The default opinion of a employee in IT is to backup everything. This eventually becomes an issue especially as backups will get polluted with duplicate and non essential data.
It may take to long for data to recover as the Recovery Time Objective (RTO) is not mapped to your service level agreement. We will have a look at your RTO and see how we can speed-up recovery so that you can meet your SLA.
Loosing a site, server rack, or individual piece of hardware and lead to a massive outage. We help you map dependency and impact and propose solutions that do not cost more then the actual loss of service. Having proposed the solution we will setup a test site and allow you to recover from it.
Frequently asked questions
Simple to answer really, consider the following 8 points
- Have you been handing out your WiFi password to some one, especially some one you no longer have a relationship with?
- Have you shared an account like streaming service like Netflix, Disney, Amazon?
- Could some one that was at your house have gained access to your smart devices?
- Did some one use your phone, lets say to order food?
- Did you dispose of old electronics like a printer, a phone, or any wireless-enabled wearable technology like a watch or Fitbit?
- You're internet service provider gave you some router, or your router is cheep, or more than a year old?
If any of the above is a ''yes'' then first, before you continue reading do this, in this order
- change the passwords on your email accounts
- change all the passwords to all financial services (banking, Credit cards, Investment portfolios...)
- change all passwords on all your social media accounts
Also, if any of the following is true 7 You any one in your household plays on-line games. 8 You have data that ... you can't afford to loose, or would not like to share with the whole world.
Here are the common ways where you will be exposed
- Infrastructure gets attacked from the world wide web by dual use software that will scan for vulnerabilities on your network literally giving a detailed road map of how to gain access;
- Your WiFi network is easily targeted by individuals that attack router via its default user name and password as well as remote management configurations. If they really want to get in, then they will get in, and they will use software like RouterSploit or MetaSploit to join your network;
- Infrastructure gets attacked by its own edge devices like routers and firewalls, sounds bizarre right, well it’s the most common exploit used by attackers. A hacker will take over an edge device like a router and use the router to attack the owner of the network from within;
- You get attacked via your local network using compromised hardware like other computers on the network. The network can be your home or office network but also that cool VPN network;
- Users get attacked by your IoT devices like a smart thermostat, smart TV’s, smart light bulbs, Air-conditioning, even their own phone via that cool app/ game. All these devices have software that is not designed with security in mind and has no anti-virus or firewall on it;
- Large organizations get attacked all the time via an employee bringing compromised hardware to the workplace or, the user gets compromised themselves when he/she connects to the office.
If you provide us with your email address we will use it to inform you when we detect that your personal data is being sold on the dark-web. If you do not than this feature will only work if your PC is active as your PC knows your email addresses and the intrusion detection service validates those for you.
Some services like emailing customer support or contacting us via WhatsApp requires us being able to identify who you are and that you are a client with an active support contract. It would likely speed things up but most of the time it's not needed.
IDPS comes with several extra layers of protection, the list is not complete but it represents the 6 most common ways ransomware/ cybercrime is used to bypass a firewall:
Windows firewalls leaves a computer wide open to any outgoing communication, even when communicating to known malware-controlled servers, IDPS prevents that.
Cyberattacks are coming at you from all places and at all times, it’s relentless and it’s automated. Windows is extremely “user friendly” in that it allows attackers an infinite number of attacks and actually never takes any defensive measures. IDPS does, if a network scan or attack is detected then any and all access from that source is blocked, even if the attacker eventually would “guess” the right login/password combination or port he will never gain access as he is already blacklisted.
IDPS is fully automated and actively monitors your computer. it requires no user interaction, no data subscriptions, and therefore no computer skills to stop an attacker.
IDPS will detect abnormal communication. If it does, then IDPS will shield your computer and block these computers or smart devices in your office or your home network from harming your computer.
IDPS can send automated firewall abuse reports to the Internet Service Providers that are hosting these malicious activities. If after some time the activity doesn’t stop, then IDPS just blocks the whole data center from accessing your computer and your computer from accessing that data center, it’s like they no longer exist.
IDPS will block domains and IP addresses from known active malicious and or infected domains. This prevents any application on your computer, and not just browsers, from accessing these infected sites. By blocking these domains IDPS also protects you from other attack vectors like spear-phishing emails or macros that use these sites to download malicious payloads. Being able to block malicious domains is important as a blocked domains can’t be used to infect your system.
The cold hard truth is that an Antivirus application only reacts. An anti-virus application works by checking your files against a list of known virus signatures. Think about it this way, last week’s viruses will make it into next week’s anti-virus definitions. If a virus is new and yet unknown, there is nothing to compare it to. IDPS offers a safe environment for these files to be opened, if they execute malicious code, it will do so without causing harm and you won’t get infected.
No, all products are licensed per machine as it is a machine that is protected. The machine can have several users, they will all be protected, that’s fine.
What our customers are saying
The following terms and conditions apply to all software products offered by VESNX. Please note that the terms on this page are a small subset of terms and conditions that can be found at: https://www.vesnx.com/terms.
Products with a perpetual license do not expire and will be maintained by VESNX for as long as the operating system is supported by its vendor."
Products with a subscription are eligible for product updates and support migrations with the vendors operating system.
All products have access to product security updates, normally these updates are applied without you, the user having to get involved. Any products that have dependencies on malware signatures are automatically updated using the frequency in the settings of the products. Depending on the product, these updates could be near-real-time or with an interval ranging from minutes to days.