
STANDARD SERVICES

Managed Endpoint Detection & Response

  • Provide client portal
  • Ongoing software updates
  • 24/7/365 Monitoring and Detection up to a maximum of determined investigations per month
    • If client exceeds the maximum investigations during a period for 3 months in a rolling 12-month period, additional investigations may be purchased in increments of 25 investigations on a pro rata basis of the current contracted rate

      • If client continues to have overages beyond the 3-month period mentioned above, Binary Defense reserves the right to charge for overages at a charge of $300 per investigation beyond the contracted maximum amount
      • Binary Defense reserves the right to suppress, disable, or convert to reports any high-volume, low-fidelity alerts

Managed Security Services

  • Provide client portal
  • Ongoing updates to configuration of solution
  • 24/7/365 Monitoring and Detection up to a maximum of determined investigations per month
    • If client exceeds the maximum investigations during a period for 3 months in a rolling 12-month period, additional investigations may be purchased in increments of 25 investigations on a pro rata basis of the current contracted rate

      • If client continues to have overages beyond the 3-month period mentioned above, Binary Defense reserves the right to charge for overages at a charge of $300 per investigation beyond the contracted maximum amount
      • Binary Defense reserves the right to suppress, disable, or convert to reports any high-volume, low-fidelity alerts

SIEM Monitoring & Management

  • 24/7/365 monitoring and detection for the existing SIEM up to a maximum of determined investigations per month
    • If client exceeds the maximum investigations during a period for 3 months in a rolling 12-month period, additional investigations may be purchased in increments of 25 investigations on a pro rata basis of the current contracted rate

      • If client continues to have overages beyond the 3-month period mentioned above, Binary Defense reserves the right to charge for overages at a charge of $300 per investigation beyond the contracted maximum amount
      • Binary Defense reserves the right to suppress, disable, or convert to reports any high-volume, low-fidelity alerts
  • SIEM Platform Management up to determined hours per year
    • Proactive system health monitoring
    • Basic troubleshooting of minor defects, errors, and stability/update issues
    • Implement workarounds to restore functionality when applicable
    • Vendor escalations on behalf of client as needed
    • Custom use case creation for log sources up to the subscribed & licensed amount
    • Ongoing tuning to Binary Defense custom rulesets and vendor-curated out-of-the-box rulesets up to the subscribed/licensed amount
    • Dashboard & report configuration for log sources/events up to subscribed/licensed amount
  • If a third-party provider is monitored, please see the appropriate link below:

Managed Threat Hunting Services – Basic/Standard/Advanced/Premium Package

  • Binary Defense will leverage the existing VMware Carbon Black Response/VMware Carbon Black Cloud/Microsoft Defender for Endpoint (ATP)/Microsoft Sentinel/Google Chronicle (Backstory)/Splunk/CrowdStrike Falcon/SentinelOne instance in order to proactively build and search for threat hypotheses and other early indicators/warnings
    • Basic Package: Up to 4 hours per week of threat hunting
    • Standard Package: Up to 8 hours per week of threat hunting
    • Advanced Package: Up to 12 hours per week of threat hunting
    • Premium Package: Up to 16 hours per week of threat hunting
  • A monthly report of structured threat hunting plans and results from the previous month will be provided
  • Binary Defense will meet with client on a monthly basis to discuss threat hunting hypotheses and structured threat hunting objectives for the next month
  • The Threat Hunting team reserves the right to shift hours between weeks in any month to accommodate client needs and team schedules

Managed Phishing Response Service

  • Monitoring: Binary Defense will leverage existing email protection software that creates notices when an email is flagged for suspicious or abnormal activity. Binary Defense provides a virtual service where it monitors these notices, evaluates the risks, and communicates to client based upon the parameters in their agreements.
  • Detection & Tuning: Binary Defense regularly enhances and refines the alerts that are generated from technology solutions that create notices when an email is flagged for suspicious or abnormal activity. Binary Defense tunes and updates detections that are then applied to the email protection software.

Digital Risk Protection Services (Counterintelligence) – Security Package

  • Monitoring and Detection for client of threat indicators which may include: threats to client, disgruntled employee, compromised asset, employee negligence, sexual harassment, slander, operational security (OPSEC) failures, active shooter threat, bomb threat, fraud, theft, brand image, threats to industry (complete list can be found at https://BinaryDefense.com/Terms/CI-definitions)
  • One (1) email domain is included for monitoring for typo squatting and 3rd party data breaches – additional charges will apply per email domain
  • Incident Notifications include:
    – Screenshot of events
    – Initial threat level assessment of identified event
    – Further analysis of any event is available upon request on an hourly basis
  • Weekly threat hunting review
  • Monthly client report includes a roll up of all incidents for the month
  • Quarterly threat actor industry report

Digital Risk Protection Services – Human Resources Package

  • Monitoring and Detection for client of threat indicators which may include: darknet & clearnet monitoring, claims of sexual harassment, disgruntled employees, new hire investigations (complete list can be found at https://BinaryDefense.com/Terms/CI-definitions)
  • Incident Notifications include:
    – Screenshot of events
    – Initial threat level assessment of identified event
    – Further analysis of any event is available upon request on an hourly basis
  • Weekly threat hunting review
  • Monthly client report includes a roll up of all incidents for the month
  • Quarterly threat actor industry report

Digital Risk Protection Services – Direct Monitoring Package

  • Monitoring and Detection for person/group of interest of threat indicators which may include: darknet & clearnet monitoring, person of interest monitoring (hobbies/groups/friends), trending, predictive analysis (complete list can be found at https://BinaryDefense.com/Terms/CI-definitions)
  • Incident Notifications include:
    – Screenshot of events
    – Initial threat level assessment of identified event
    – Further analysis of any event is available upon request on an hourly basis
  • Weekly threat hunting review
  • Monthly client report includes a roll up of all incidents for the month
  • Quarterly threat actor industry report

Digital Risk Protection Services – Executive Monitoring Package

  • Monitoring and Detection for Executive(s) of interest for threat indicators which may include: darknet & clearnet monitoring, person of interest monitoring (hobbies/groups/friends), trending, predictive analysis (complete list can be found at https://BinaryDefense.com/Terms/CI-definitions)
  • Incident Notifications include:
    – Screenshot of events
    – Initial threat level assessment of identified event
    – Further analysis of any event is available upon request on an hourly basis
  • Weekly threat hunting review
  • Monthly client report includes a roll up of all incidents for the month
  • Quarterly threat actor industry report

Digital Risk Protection Services – School Monitoring Package

  • Monitoring and Detection for client of threat indicators which may include: darknet & clearnet monitoring, clearnet scraping, social media monitoring/scraping, school app monitoring/scraping, active shooter, bullying/harassment, drug use (complete list can be found at https://BinaryDefense.com/Terms/CI-definitions)
  • One (1) email domain is included for monitoring for typo squatting and 3rd party data breaches – additional charges will apply per email domain
  • Incident Notifications include:
    – Screenshot of events
    – Initial threat level assessment of identified event
    – Further analysis of any event is available upon request on an hourly basis
  • Weekly threat hunting review
  • Monthly client report includes a roll up of all incidents for the month
  • Quarterly threat actor industry report

Additional Terms and Conditions for Services are located at https://BinaryDefense.com/Terms/AdditionalConditions. Reseller is not permitted to change the Terms and Conditions, except for pricing, payment and subscription term. Orders for services will be effective on the date the order is received from client by Binary Defense or its authorized reseller or channel partner.