• Skip to primary navigation
  • Skip to main content
Shield

Statewide Cybersecurity Services

Texas A&M University System

  • Services
    • DNS Filtering
    • Threat Detection & Monitoring
    • Threat Intelligence
    • Vulnerability Scanning and Penetration Tests
    • Remote Incident Response
    • Security Consulting
    • Software Contracting and Evaluation
    • Training & Awareness
  • Alerts & Threats
  • News
  • Student Opportunities
  • Education
    • TEEX
    • TxCyber
    • RELLIS
  • Support
  • Search

See the Threat

Domain Name System (DNS) Filtering

In cybersecurity, many threats utilize DNS as a method to bypass IP block lists. Maintaining only a blacklist of known bad DNS entries does not completely resolve the risks, as it is common behavior for a malicious actor to use dynamically generated DNS entries to bypass these lists. We manage a toolset that will evaluate all DNS queries seen from your organization, as well as from any endpoints external to the network utilizing a roaming client. This service stops known bad DNS calls, as well as access to any newly seen domains (less than 6 days old or never seen by the vendors global network), preventing the majority of malicious code propagation.

We provide

  • Assistance in deploying the solution
  • The ability to add in content monitoring
  • Off-network protection and malicious device identification available with roaming client
  • User identification

Threat Detection & Monitoring

We will meet with you to understand your environment. We will detect and hunt for known and unknown threats and provide analysis of real-time security event data feeds to detect indicators of threats. Incidents are escalated to our analysts for in-depth analysis. Analysts will send Threat Indicator Notifications with information about detected threats. Analysts strive to add enhanced contextual information and How-To’s to the notifications for faster validation and delegation. Every notification will have analyst insight that is specific to the detection and present situation stakeholder’s environment.

We provide

  • Threat detection and monitoring
  • Triage of events
  • Alerts are prioritized according to the alert severity and the criticality of the impacted host(s)
  • In-depth analysis of security events and threat indicators
  • Threat Indicator Notifications
  • Monthly reports: Situational Awareness, Threat Landscape, Attacks, Key Performance Indicators
  • Security Advisories Subscription
  • Invitation to our regular Threat Brief conference call

Threat Intelligence

We create threat intelligence information based on findings gathered through monitoring our customers. This threat intelligence is anonymized and used as part of the Texas Information Sharing and Analysis Organization (ISAO). The ISAO, managed by us, links sources from across the state to better protect everyone participating.

We provide

  • Automated threat feeds inserted into the tools used to protect you
  • Correlation of threats from multiple sources to help you determine the risk

Vulnerability Scanning and Penetration Tests

External and internal vulnerability scanning is available to provide you with a better picture of assumed risks. These scans are designed to meet the requirements of state law and to help your organization resolve any unknown vulnerabilities. Penetration testing is provided through third-party contracts.

Got a question? Just ask.

Block the Threat

Remote Incident Response

Remotely, the SOC provides expertise in analyzing damage and removing changes left by an adversary. Support is usually done over the phone, email, web conference, or if necessary, remote terminal or administrative interfaces such as a collaborative meeting platform or Secure Shell (SSH).

  • Service availability and engagement is based on the type of incident and availability
  • On-site Incident Response is available based on the impact of the threat and availability

Security Consulting

We are happy to provide security advice for:

  • Supporting new system design
  • Business continuity
  • Disaster recovery planning
  • Securing, monitoring and auditing Microsoft Active Directory

Let’s discuss what your needs are and how we can help!

Save the Day

Software Contracting and Evaluation

As the industry shifts to combat the latest threats, it is necessary for tools used to combat those threats shift as well. We actively work with vendors to determine products that meet the needs of our customers and negotiate group purchases when applicable.

Training & Awareness

Proactive outreach to employees supporting general user training, bulletins and other educational materials that help them understand various cybersecurity issues. The main goals are to help you protect your team from common threats, better secure end systems and help employees correctly report cybersecurity incidents.

Get in touch

  • Services
    • Domain Name System Filtering
    • Threat Detection and Monitoring
    • Threat Intelligence
    • Vulnerability Scan
  • Alerts & Threats
    • Tools to Handle
  • In the News
  • Opportunities for Students
    • Education
  • Education
    • TxCyber Security Center
  • Support
    • Ask a Security Professional

Copyright © 2021 Statewide Cybersecurity Services Texas A&M University System. All rights reserved.  Twitter

Texas A&M University System