Security Services Overview
Windstream Professional Services uses trusted third parties to deliver consulting services as a complement to Windstream’s core services such as SDWAN, Firewall, and DDOS Services. These services typically make customers aware of vulnerabilities or help them further secure their network resources.
Testing
- Red Team Services: A complete security assessment offering that utilizes all security assessment services as one cohesive service. Information is shared between all activities and is used to test your organization’s security defenses in a manner most consistent with adversarial actions.
- External Network Vulnerability and Validation Testing: Discovery of externally available devices, ports/services, and vulnerabilities is performed through both manual and automated scanning. Vulnerabilities are manually validated to provide evidence of potential results and to remove false positives.
- External Network Vulnerability and Penetration Testing: The addition of penetration testing allows Foresite consultants to engage client infrastructure in a similar fashion as an adversary. Attacking known vulnerabilities to gain access may then lead to lateral movement within the organization. End goals for penetration testing are defined by the client.
- External Application Security Testing: Testing specifically focused on externally facing web applications. Automated and manual vulnerability and penetration testing is performed on applications to ensure secure coding practices and web server configurations are utilized.
- Internal Network Vulnerability and Validation Testing: Discovery of internal devices, ports/services, and vulnerabilities is performed through both manual and automated scanning. Vulnerabilities are manually validated to provide evidence of potential results and to remove false positives.
- Internal Network Vulnerability and Penetration Testing: The addition of penetration testing allows Windstream consultants to engage client infrastructure in a similar fashion as an adversary. Attacking known vulnerabilities to gain access may then lead to lateral movement within the organization. End goals for penetration testing are defined by the client.
- Internal Application Security Testing: Testing specifically focused on internally facing web and thin-client/thick-client applications. Automated and manual vulnerability and penetration testing is performed on applications to ensure secure coding practices, communications, and configurations are utilized.
- Device Security Testing: Windstream will perform assessment activities from both technical and physical perspectives on client-provided devices. Devices are inspected to determine if attackers are able to gain access to sensitive data, modify devices, or perform other malicious actions towards the device and loaded software.
- Cloud Security Assessment: Review of third-party cloud service providers, existing deployments, and policies/procedures.
- Firewall Configuration Review: A best practices review of current firewall configurations.
Social Engineering
- Personnel Security – Phishing: Email campaign(s) utilized to identify weaknesses in employee security awareness regarding email reception and actions executed as requested in the campaign email.
- Personnel Security – Social Engineering: Phone campaign(s) to identify weaknesses in employee security awareness regarding actions performed and information provided during the campaign phone call.
- Personnel Security – Physical Security: Attempts are performed to gain physical access to facilities, devices, and data that are owned by the client.
Compliance and Assessments
- Wireless Security Assessment: Wireless configuration and security review of implemented wireless access points and infrastructure.
- Password Complexity Validation: Windstream performs password cracking attempts against a client-provided “.dit” file for the purpose of identifying easy-to-guess or weak passwords.
- PCI Gap Assessment: A review of client’s current PCI compliance stance through interviews, documentation review, and minimal controls validation.
- PCI Audit: A complete PCI audit utilizing the latest released DSS version (currently 3.2) for auditing an organization’s PCI environment(s) for compliance against documented requirements.
- HIPAA Gap Assessment: A review of current controls and gaps as compared to HIPAA.
- HIPAA Audit: A complete HIPAA audit.
- ISO Gap Assessment: A review of current security gaps as compared to ISO 27001.
- ISO Audit: A complete ISO 27001 audit.
- NIST Gap Assessment: A gap review of an organization’s security posture as it relates to NIST SP800-53 R4 and other NIST documentation.
- CMMC/NIST 800-171 Gap Assessment: A gap review of an organization’s security posture as it relates to NIST SP 800-171 for protection of Confidential Unclassified Information (CUI), mainly for manufacturing.
- CIS Top 20 CSC Gap Assessment: A gap review of an organization’s current security controls against the Center for Internet Security 20 Critical Security Controls documentation.
- NYCRR Gap Assessment: A gap review of an organization’s security posture as it relates to requirements passed in NY State for the financial sector. Insurers also may fall under NYCRR.
- CJIS Gap Assessment: A gap review of an organization’s security posture as it relates to protection of data gathered and maintained by public services (police, fire, emergency) audited by the FBI.
- GDPR Gap Assessment: A gap review of an organization’s security posture as it relates to GDPR requirements to protect personal information of EU citizens in all countries.
- Vulnerability Management Program Gap Assessment: A top-down review of your vulnerability management program from documentation to execution. Windstream will review your organization’s Vulnerability Management Program documentation, interview personnel to evaluate processes, and perform internal and external network vulnerability and penetration testing activities to evaluate the effectiveness of the program.
- Policy Audit: A review of documented policies compared against a variety of standards and compliance bodies.
- Compromise Assessment: Identification service for the discovery of potential compromise within the organization. Analysis of data collected during the engagement focuses on malicious activities performed within the organization, malicious outbound connections, and malicious applications.
Incident Response
- Incident Response Program Development: Windstream will assist in developing an internal incident response program that utilizes current capabilities, development of increased internal skills and knowledge, solutions gap and remediation plans, and roadmap for program maturation.
- Incident Response Gap Assessment: Windstream will analyze the current people, processes, and technology of an organization as it pertains to each phase of the incident response lifecycle.
- Incident Response Plan/Playbook Development: Windstream will assist in developing organizational Incident Response documentation based on interviews of pertinent personnel, review of controls in place, and our experience in delivering Incident Response services.
- Retainer: A defined block of pre-paid hours that may be utilized for proactive incident response services (plan or playbook creation, review, or tabletop exercises).
- Managed Breach Response: 24/7 access to incident response resources, including legal, forensic, and public relations. Includes Dark Web Monitoring of domain and either $100,000 or $250,000 annual gap coverage for initial investigation, coverage of commercial insurance deductible or other common cyber insurance exclusions, such as regulatory fines.
Consulting
- Virtual CISO (vCISO): Executive level services for development and/or maturation of an organization’s security posture from a leadership perspective.
- Block of Advisory/Consulting Hours: Prepaid blocks of consulting hours to be utilized for delivery of any of the above services.
Managed Services
- Managed ProVision MSSP/SOCaaS- Monitoring MA2: Proactive monitoring of client’s network to provide log correlation from firewalls, endpoints, O365, Active Directory and Domain Controllers, IDS/IPS, etc. into a single portal with customized business rules. Windstream’s Security Operations Center teams add threat intelligence from multiple outside feeds, validate alerts to rule out false positives, and provide quarterly reviews for continuous rule tuning.
- Managed ProVision MSSP/SOCaaS Managed or Co-Managed Assets MA3/4: Option to add full management or co-management of firewalls and select endpoint solutions to apply updates and make configuration changes as needed.
- Managed ProVision Vulnerability Patch Management: A service for outsourcing patching of third-party applications and operating systems.