MS-ISAC Catalog of Services

SECURITY DEVICE MONITORING: MANAGED SECURITY SERVICES (MSS) INCLUDED IN MEMBERSHIP *

Managed Security Services (MSS) is compromised of the monitoring of two security devices. Typically, this would include
one firewall and one IDS/IPS device.
Security Event Analysis & Notifications 24x7
Technical Assistance
IDS/IPS Management
* Based on availability of Federal Funding and execution of a Memorandum of Agreement (MOA)

SECURITY DEVICE MONITORING: NETFLOW MONITORING & ANALYSIS (ALBERT) INCLUDED IN MEMBERSHIP

Netflow Monitoring and Analysis (Albert) is an automated process of collecting, correlating and analyzing computer network security information across State governments. The seven key Netflow fields are: source IP address, destination IP address, source port number, destination port number, protocol type, flags, and the router input interface.
Security Event Analysis & Notifications 24x7
Technical Assistance
Remediation Consulting
* Based on availability of Federal Funding and execution of a Memorandum of Agreement (MOA)

INCIDENT RESPONSE SERVICES INCLUDED IN MEMBERSHIP

The Center for Internet Security (CIS) and its Cyber Emergency Response Team (CERT) assists partners in analyzing
security information to assess the scope, magnitude, and source of intrusion when a cyber event is reported:
Network & Computer Forensic Analysis
Log & Malware Analysis
Access to the Malicious Code Analysis Platform (MCAP)
Remediation Consulting
Leverage Additional Resources through the National Cybersecurity and Communications Integration Center


ADVISORY SERVICES INCLUDED IN MEMBERSHIP

The CIS Security Operations Center (SOC) receives information from a variety of different sources; the information is
analyzed to determine the need for the creation of advisories or bulletins:
Advisories are distributed to all MS-ISAC members. They include: threats, vulnerabilities, exploits, attacks and
compromises. Advisories are also posted on the MS-ISAC website.
Weekly threat reports
Monthly Situational Awareness Reports
Monthly Briefing via webcast
Conference calls may also be scheduled

THREAT NOTIFICATION INCLUDED IN MEMBERSHIP

CIS Analysts and trusted third parties conduct research that provides intelligence in regard to targeted threats and release
of information from compromised government or government affiliated systems and website defacements.
Notices are sent to the impacted partners based on predetermined escalation procedures
Recommended remediation steps are provided
CIS Analysts are available for technical assistance

VULNERABILITY ASSESSMENT INCLUDED IN MEMBERSHIP

Network and web application assessments can be arranged based on a targeted threat or cyber event.
(Limited to a 30-day window)
Network Assessment
Web Application Assessment, including manual analysis and verification of reported vulnerabilities
Prioritization of vulnerability remediation
Customized reporting & vulnerability remediation support included

INFORMATION SHARING AND COMMUNICATIONS INCLUDED IN MEMBERSHIP

CIS has a compartment on the US CERT Portal that hosts a library of cyber security resources for members.
Provides access to contact information and allows for secure e-mail communication and document sharing.
Contains the Cyber Alert Map. Each state/territory regularly updates its alert level based on cyber events.
A portal compartment can be created for each State to enhance communications.

EDUCATION AND AWARENESS INCLUDED IN MEMBERSHIP

CIS provides education and awareness through the use of:
Daily cyber tips feed
Monthly cyber security newsletters
Bi-Monthly cyber security webcasts & hot topic webcasts
Monthly member webcast meetings
Awareness month toolkit
Chief Information Security Officer Mentoring Program

DHS INITIATIVES COORDINATION INCLUDED IN MEMBERSHIP

CIS coordinates DHS initiatives on behalf of the MS-ISAC membership, which include:
Nationwide Cyber Security Review (NCSR)
Office of Cybersecurity and Communications monthly activities
Security Clearances for State Chief Information Security Officers
Regional and National Security Exercises
Government Emergency Telecommunications Service (GETS) Cards for States
MS-ISAC
Catalog of Services


SECURITY DEVICE MONITORING: MANAGED SECURITY SERVICES (MSS) FEE BASED

Managed Security Services (MSS) is compromised of monitoring and/or management of security devices:
Security Event Analysis & Notifications 24x7
Monitoring and Management services are available for the following security devices.
Firewalls
IDS (Intrusion Detection System) / IPS (Intrusion Prevention System)
Web Proxy
Endpoint

SECURITY DEVICE MONITORING: NETFLOW MONITORING & ANALYSIS (ALBERT) FEE BASED

Netflow Monitoring and Analysis (Albert) is an automated process of collecting, correlating and analyzing computer
network security information across State governments. The seven key Netflow fields are: source IP address, destination
IP address, source port number, destination port number, protocol type, flags, and the router input interface.
Security Event Analysis & Notifications 24x7
Technical Assistance
Remediation Consulting

VULNERABILITY ASSESSMENT SERVICES FEE BASED

Vulnerability Assessment Services can identify, prioritize and report critical vulnerabilities with CIS network and web
application assessments.
Network Assessment
Web Application Assessment, including manual analysis of reported vulnerabilities
Prioritization of vulnerability remediation
Customized reporting & vulnerability remediation support included
Payment Card Industry (PCI) compliance scanning available
Scheduled (Monthly, Quarterly, Yearly)


CONSULTING SERVICES FEE BASED

CIS Consulting Services:
Security Policy Review
Infrastructure Architecture Review
Internal Systems Assessment
Comprehensive Security Review
Social Engineering (Phishing Exercises)
External Network Penetration Testing
Web Application Penetration Testing
* These services are based on a statement of work and are customized by request.


CONTACT FOR MORE INFORMATION

Mark Perry / Director of Partner Service
(518) 880-0686
Mark.Perry@cisecurity.org
24 x 7 Security Operations Center
1-866-787-4722
soc@msisac.org
MS-ISAC
Catalog of Services