Who We Are
We are a dedicated team of true security analysts, technologists and consultants committed to providing high-caliber services and technology.
Company Information
Founded in 2011 and located in Jacksonville, Florida, Quadrant Information Security is a consulting firm committed to supporting organizations in all vertical markets and protecting their sensitive data. Specializing in Managed Security Services and Enterprise Security Consulting, Quadrant prides itself on helping our customers maintain a secure environment. Our unique offerings and consultative approach, coupled with a strong past performance and highly skilled security professionals make Quadrant the smart choice in the security consulting arena.
Company Leadership
[Update: No modifications to this rule. We have noticed that in production it triggers on valid file movement. As Jack repeatedly points out, knowing your environment is important! In the cases we've seen this fire off, it has been easy enough to write excluding meta_content:! rule options]
The first rule sets a xbit named "wmiprvse" for one second if Sagan see's the Windows event 4688 with a process name of "wmiprvse.exe". You might have noticed the "xbit: nounified2" option. This option tells Sagan to not write out a unified2 event when this signature is triggered. This way, we won’t create an “alert” that our SOC would have to investigate. It does not stop Sagan from writing out it’s fast.log, alert.log, etc. We can use those logs to help debug Sagan xbits.
After extensive testing and some minor modifications, Quadrant will be adding these rules into the standard Sagan rule set! Jack Crook has done an excellent job and these rules will help people with early detection of hostile actors within there network. When the rules are offically added, we'll modify this page.
Our Sagan Solution is more than SIEM. It has evolved into an ecosystem that serves as an all-inclusive security solution. At Quadrant, we serve as the eyes and ears for our clients. Our solution provides the power and security of 24/7/365 monitoring, notification and remediation assistance by true security professionals, supported by ever evolving threat detection technologies and techniques.
KEY FACTS ABOUT SOFTWINK, INC.
-
US Businesses
-
Companies in Florida
-
Duval County Companies
- Company name
- SOFTWINK, INC.
- Status
- Inactive
- Filed Number
- P01000113145
- FEI Number
- 371426970
- Date of Incorporation
-
December 7, 2001
- Home State
- FL
- Company Type
- Domestic for Profit
CONTACTS
- Website
- http://softwink.com
- Phones
-
(800) 538-9357
(904) 296-9100
SOFTWINK, INC. NEAR ME
- Principal Address
- 4651 SALISBURY ROAD,
SUITE 315,
JACKSONVILLE,
FL,
32256,
US
- Mailing Address
- 4651 Salisbury Road,
Jacksonville,
FL,
32256,
US
See Also