Avid Joins Forces with ALLO Communications
Matthew Sutton

Cybersecurity 101: How does Avid detect and respond to malicious events happening on a server?

/in /by

By Matthew Sutton, Director of Cybersecurity Operations at Avid Communications

Cybersecurity 101: How does Avid detect and respond to malicious events happening on a server?We are constantly asked, “What sets Avid’s cybersecurity solution apart from the competition?” My answer is always the same, the Avid team. Make no mistake, technology solutions such as Next Generation Firewalls and our SIEM make our jobs easier. (SIEM is an acronym that stands for Security Information and Event Management.) Still, they require a talented and well-trained team to fully utilize their potential. We recently encountered an incident that put this on full display.

Malicious Events

Our SIEM alerts our Security Operations Center (SOC) when a malicious event has happened. It also alerts our SOC when a suspicious event has occurred.

In this case, one of our customer’s servers had outgoing traffic destined for a suspicious address. One of our analysts took charge and began digging deeper into the event to see what was happening. Using the logs that the SIEM stores, they can look back in time and determine that amongst the “normal” server traffic was a beaconing event. (The server was reaching out to an IP address at a consistent time interval.) This beacon to an unfamiliar IP address, coupled with the suspicious event, was enough for our analyst to escalate to our incident response team.

Incident Response

The incident response team immediately contacted the customer and began working with them to run anti-virus and anti-malware scans on the server in question.

These scans found infected files that had made their way onto the machine through a malicious browser extension. The team also worked to have our Endpoint Detection and Response (EDR) application installed on the machine. Our EDR found and blocked several more malicious files on the device. This allowed the incident response team to remediate and monitor the server and determine that there appeared to be no spreading of this malware. It was no longer a threat.

Avid’s cybersecurity solution is made of many powerful and sophisticated tools. Ultimately, the essential layer is still the team of professionals that monitor, investigate, and react to these issues.

Hacking and breaches continue to impact companies. If you would be interested in learning more about our cybersecurity best practices for your company, please give us a call!

Blog

About Us

Sales Staff

White Papers

Terms and Conditions

Kansas City:

6329 Glenwood St, Suite 103

Mission, KS 66202

Map & Directions

816.994.7070

Des Moines:

5000 Westown Parkway, Suite 440

West Des Moines, IA 50266

Map & Directions

515.635.4610

Copyright © . Avid Communications. All Rights Reserved. | Privacy Policy
Avid’s 2022 Year End Party at Lidia’sAvid’s 2022 Year End PartyWe have a new address! Omie is settling in nicely.Your friendly neighborhood telecom pros have a new base of operations!