Call Sales: +44 2045852220
Velocity Check Resources
DraSS by Velocity
Powered by UNITRENDS, delivered by Velocity Check!
One solution to eliminate data loss, ransomware and downtime.
​
Ransomware is now targeting your backups – working to disable them from happening, encrypting them, or deleting them all together.
The only way to get ransomware protection for your organisation, data, and computing infrastructure is to perform frequent backups.
Velocity strongly recommends that you follow the 3-2-1 rule: 3 copies of your data, 2 different types of media, 1 copy off-site. You need to isolate and completely disconnect one copy of your backups to keep them from being corrupted by the ransomware attack.
When using Velocity's Drass solution, powered by UNITRENDS for offsite disaster recovery, your data is stored in an immutable format, meaning ransomware cannot access or compromise your backups. Your data is safe and recovery ready.
Secure your Infrastructure with Pre‑Integrated, Hardened Appliances.
Because of the wide prevalence of Windows, ransomware criminals predominantly target Windows-based servers, appliances, PCs, and devices.
Rather than protecting your infrastructure, a Windows-based backup appliance can become just another victim of a ransomware attack.
Acquire a backup and business continuity solution that is written in hardened Linux rather than Windows code.
All Unitrends backup appliances are written in hardened Linux to keep ransomware from making your recovery solution a victim of a ransomware attack.
Darkweb Monitoring
and Phishing Simulation
Powered by ID Agent, delivered by Velocity Check!
Information security assurance discipline prepares organisations to respond effectively in information security incidents, disclosed vulnerabilities and breaches, via the implementation of organisational controls, top management communication guidelines and user awareness and training.
Ensuring an organisation is prepared to manage effectively an information security incident or a breach starts by understanding the means opportunities and motives of adversaries.
Threat agents are actively pursuing targets opportunistically. Faced with challenges they move to the next target until they find an unprepared organization to infiltrate.
The overriding objective of organised cybercrime is to make money and an entire ecosystem of people, services, tools and infrastructures has been developed to support nefarious operations.
A vicious cycle of eCrime services delivery, distribution and monetisation, forces organisations to be successful in defending their assets all the time, whilst adversaries have to be successful only one time.
When the security perimeter is strong, adversaries move opportunistically to the weakest link of the cybersecurity chain, the human. Weak and reused passwords, detailed employee information on social networks and mastery in phishing methodologies is the quickest way in compromising an otherwise secure organisation.
Phishing Simulation Campaign
A campaign will send a premade kit, which includes an email template, landing page, and
sending profile, to a group of corporate users over a specified date range.
Phishing Kit Components
Phishing kits contain a matching phishing template, landing page, and sending profile to simulate a phishing event to selected corporate users. Below is the breakdown of the components:
Sending Profile
This is the ‘FROM’ address for the kit. Each sending profile also has a ‘Display Name’ which will appear to the user in their inbox. e.g.,
From: McAfee Support <McAfee_Support@bp-service-support.com>. Each email will send from a domain owned and signed.
Template
A template is an HTML file that mimics a legitimate email sent by a trusted entity or organization. It contains a {{.URL}} HTML token that automatically links to the target landing page that is contained in a kit. The link is tracked if clicked on using a {{.TRACKER}} HTML token.
Landing Page
A landing page is an HTML file that mimics a legitimate login form that is often used by actual phishing scams to retrieve information. Once a data submission button is clicked, the action is recorded, and the user is taken to a screen that displays a video educating the user on the dangers of phishing.
Custom Phishing Email
Custom email template that features HTML and a clickable attachment can be created in several different languages to personalize the expereience of the targeted corporate user.
Delivery Methodology
Training and Awareness
After the Phishing simulation campaign, another training & awareness campaign will send courses and cybersecurity training quizzes to all involved corporate users as well as track and report their completion of paired training quizzes.
Courses
Like phishing simulation campaigns, a course consists of a template (in the form of an email), a landing page, and a title.
Template
A training and awareness template is an email invitation that directs corporate users to a training landing page. These pages track the link to the landing page when clicked on.
Landing Page
A training and awareness landing page contains an embedded video and short quiz. The infrastructure tracks if the training is completed by the successful completion of the quiz. In order to pass, users must watch the video and answer the corresponding questions correctly.
Training Automation Framework
Scoping forms
Security Testing Scoping Form
PCI DSS CDE Scoping Form
ISO/IEC 27001 Scoping Form
TMSA3 Scoping Form
Our corporate video
Case study
Assessment against & compliance with PCI-DSS of 140 small to medium Greek companies.
With the advent of the Payment Card Industry Data Security Standard (PCI DSS) the Hellenic Bank Association requested from a large number of Greek merchant companies to comply with the security standard. The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organisations that handle branded credit cards from the major card schemes. The PCI Standard is mandated by the card brands and administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud. Members of the VELOCITY CHECK team are trained PCI DSS qualified security assessors (QSA) and have worked methodically in developing proprietary models and tools to apply the security standard across every target merchant company, in a project that lasted more than one calendar year.
Brand Toolkit
Our brand new Color logo - no background
Our brand new Color logo with background
Our brand new Black logo - no background
By using the VELOCITY CHECK logo and resources on this site, you agree to follow our Terms of Service and all other VELOCITYCHECK Ltd. rules and policies. If you have any questions, contact us at services@velocitycheck.co.uk