Helping you to understand and manage your cyber risk and recover from any cyber attack.
BAE Systems is a worldwide cyber defence company. We protect nations, governments and companies worldwide from the threat of cyber attack. In addition to our range of cyber products and cloud services, we also offer customers a suite of cyber technical services to help you prepare and protect yourselves from cyberthreats, as well as expert help to remediate and respond to any successful cyber attack that may impact your business. Our cyber technical services include:
Our cyber threat intelligence team investigates and tracks cyber attacks against organisations around the world. From this we build rich profiles of high-priority threat actor campaigns which we continuously update as new information is obtained. Threat intelligence customers receive both technical data feeds and contextualised reports via a secure portal.
We also provide access to our technical experts, who can assist with investigating suspected cyber-attack activity. This spans the range of activities from deeply technical malware reverse-engineering to the broader understanding of socio-political situations and attribution analysis. Our threat intelligence services enable both enhanced threat detection and greater situational awareness.
In addition to regular reporting our experts undertake bespoke assessments to understand how and why an organisation might be attacked and who might be the perpetrators. This increases the value of penetration testing by ensuring it is conducted in accordance with the latest threat intelligence and is tied to the business context. This intelligence led insight enables penetration testing services to be more targeted and focussed in their approach.
We are CREST and CBEST certified and provide threat intelligence services to regulated financial institutions as well as broader industry and government.
Penetration testing ensures that products, applications and networks are sufficiently robust to cope with cyber threats.
Prior to penetration testing being conducted, specific threat intelligence can be acquired to provide added insight into contemporary cyber risks. The purpose of the penetration testing services then becomes to mimic the approaches that real, current threat actors can adopt in attacking the network; identifying relevant security weaknesses, vulnerabilities and possible attack vectors in the process. These tests can be conducted so as to try and avoid detection wherever possible, emulating the approach a real attacker would take, finding key security holes that would allow an attacker in and thus also testing the effectiveness of SOC and security monitoring capabilities: how soon do they detect an attack which is in progress and how do they respond?
This allows comprehensive and relevant recommendations to be produced which enable organisations to determine the best way to readjust or allocate resources to further enhance their protection and more effectively mitigate attack vectors that were identified at the business level.
We are CREST certified and provide security testing services to government departments and to a wide range of industry sectors.
Emergency Response Services
When a successful cyber attack impacts your network and business processes we are here to support you. We offer a full range of expert emergency Cyber Incident Response services to enable you to act rapidly and effectively. We combine technical skills with strategic guidance to make sure an organisation makes the right decisions at the right times to limit the impact of these attacks.
Our expert incident response teams use best of breed and in-house developed tools to focus any incident investigation on uncovering the critical facts. If you have fallen victim to a targeted attack, our technology can be rapidly deployed to give unparalleled visibility of malicious behaviour.
If a breach of your security has already made the headlines or attracted regulator attention, then our team can help you move forward by managing internal and external stakeholders as well as the press.
We aim to respond within hours of a call to our hotline for incidents around the world with remote support from one of our centres of excellence in UK, US and Australia. We will also rapidly deploy to your site supported by BAE Systems offices and infrastructure around the globe.
We are CREST and CESG certified to provide cyber incident response services to government, critical national infrastructure and other operators of nationally significant networks.