FAQs
About SEP2
Our five values are immensely important to us. Our values guide how we work and how we engage with suppliers and clients and are as follows:
- Honesty
We have always worked hard to ensure that we are offering an honest and transparent set of solutions to our clients.
- Passion
We are ardent students of cyber security. We are fanatical about the sector – working in cyber security really means something to each and every one of us.
- Tech Driven
Cyber Security is by nature a tech-heavy sector. We only partner with vendors that truly understand the sector and have solutions that are tried and tested.
- People Powered
We understand that the tech alone is not going to provide you with the security you need. It is our job to know these solutions inside-out and ensure they are right for your requirements.
- Committed to Doing Good
SEP2 is an honourable organisation guided by a strong moral compass. We authentically live this value; it is not simply about ticking a social responsibility box. We understand that we are on the side of ‘good’ in a continuing war against cyber criminality.
SEP2 are a cyber security specialist who employ passionate cyber security experts, and who represent the best cyber security solutions from global vendors.
We understand that offering world-class cyber software is only one part of a cyber strategy. It is as important that the solutions are onboarded and supported by industry experts.
Our team are passionate about the cyber security sector. They understand the need to listen and the importance of contextualised advice.
This is why we say we are ‘Tech Driven and People Powered’.
We have built a successful cyber security business by investing in our people. We have a fantastic track record of recruiting at all levels, from apprentices to management, and helping all employees to become fully-fledged members of our team.
This is why we say we are Tech-Driven and People Powered.
Our people are a testament to this.
If you are interested in joining a growing team then please get in touch.
Here is a list of comments made by our clients:
- “Love the company and your support is unbeatable.”
- “SEP2 and the customer are one because of the conscientious and sincere approach SEP2 effortlessly apply to all interactions.”
- “I am a happy customer.”
- “I feel that all the products and services offered to us are pitched to a level that provides best quality for a realistic price.”
- “Availability of knowledgeable staff is excellent and response times to queries or problems is also excellent.”
- “Technical ability and support…is very good.”
- “SEP2 act as partners not simply suppliers.”
- “Good on all counts. Always available, know what they’re talking about.”
- “We have dealt with various checkpoint partners in the past, and our best experience has been with SEP2.”
- “The service we receive is excellent.”
- “I am extremely happy with the level of service that I receive from SEP2.”
- “Prices are always competitive and solutions effective and reliable.”
An organisation’s Net Promoter Score (NPS) is a globally recognised way of tracking responses to a simple question: “How likely are you to recommend this company to people you know?”
An NPS score ranges from –100 to +100.
Any score under 0 is considered to need improvement.
Any score between 0 and 30 is considered to be good.
Any score between 30 and 70 is considered to be great.
Any score over 70 is considered to be world-class.
SEP2 calculated their NPS in July 2021 as 55.
Cyber Security Fundamentals
The phrase “malware” was initially formed from the words “malicious software”, but has come to denote any type of software code that has been built with malicious intent.
Examples of these are viruses, ransomware, spyware and trojans, all of which work differently in terms of the threat they present.
A virus and a worm are both types of “malware”. A virus will spread itself from device to device once it has been activated by its host, whereas a worm will multiply independently once a system has been breached.
A strong cyber security posture with associated policies is required to mitigate against the threat of both.
A Trojan virus takes its name from the Trojan Horse, and similarly is a type of malware that is disguised as legitimate software. It is usually deployed on a user’s system after the user has been duped by some form of social engineering.
Once deployed, even though it will appear bona fide, it will inflict harm on your network.
The phrase ‘keylogger’ refers to any software that captures and records a keyboard’s keys as they are hit. A keylogger doesn’t have to be malicious, but when it is, it will use algorithms to deduce a user’s passwords and data.
Malicious keyloggers can be picked up simply by visiting a nefarious website.
Similar to keyloggers, Spyware will record activity on your computer or network. Spyware is usually designed to be hidden and therefore hard to detect and remove.
As such, prevention is key.
Cyber security has never been more important for business. The number of attacks is increasing, and the threat posed by these attacks gets greater and greater every year.
We live in a connected world, where an attack on an enterprise in the USA can close retail outlets in Europe.
We also live in a world where punitive measures are increasing; the result of a data breach can run into the millions of pounds. That’s not to mention the potentially terminal effect on brand and reputation.
SEP2 are a cyber security specialist that curates the world’s best cyber security vendors, and supports its clients with passionate and knowledgeable industry experts. If you are at all concerned about the security of your business, we would love to speak to you to see if we can help.
Cyber Security works by ensuring that any online threats are detected and removed, thus ensuring the security of an organisation, their data and their network.
Cyber security takes a number of different forms, since the threats themselves are always evolving.
However, the threats most commonly start from emails, so this should always be a priority when considering your security.
There is no simple solution to any organisation’s cyber security requirements. It is important to take into account sector, maturity, scale and function. For example, an enterprise-scale business specialising in developing online or cloud applications will be under more threat than a high street bakery.
Nevertheless, both organisations will need to ensure the integrity of their data and that of their customers.
The best cyber security software will depend on your business needs and where a potential threat is likely to come from. SEP2 are cyber security specialists; our job is to help understand these needs and identify threats.
Nevertheless, there are industry-leading, award-winning vendors that industry experts will often point to, like Check Point, Palo Alto and Cloudflare.
At SEP2, we have built up an enviable roster of cyber security vendors over many years. We believe that, regardless of the size of your operation or the particular need, we have the best cyber security software solution for you.
Network, Firewall and Cloud
Network detection and response, also known as NDR, refers to a set of solutions that use advanced analytical techniques to monitor traffic across the network, and send alerts about suspicious behaviours.
A network detection and response solution will not prevent malicious activity – think of it as a highly advanced warning system.
NDRs are one of the fastest-growing areas of cyber security.
When we refer to a “next generation” firewall, we are referring to the third generation of firewall.
They combine a traditional firewall with more advanced solutions such as intrusion prevention, filtering and deep packet inspection.
Also known as ‘WAF’s, Web Application Firewalls filter and monitor traffic between the internet and a web app.
They work by ensuring that hypertext traffic (HTTP and HTTPS) is constantly filtered, monitored and analysed for threats.
Think of Web Application Firewalls as being application-specific protection.
A cloud access security broker, known as ‘CASB’, is a software security tool that is positioned in between a user and their cloud service.
Cloud Access Security Brokers have visibility across the entire cloud stack, detecting threats as they appear.
A CASB will ensure the safe use of cloud-based apps and services.
As the name suggests, application acceleration uses a number of linked technologies to increase application performance.
They work by employing compression, caching and transmission control protocols, amongst others.
If your organisation is application-heavy, then application acceleration solutions could enable you to gain significant performance advantages over your competitors.
Cloud Network Security is an over-arching term used to describe how cloud security can be centrally managed.
The responsibility for cloud network security is shared between client and provider.
Having a robust cloud network security system in place will reduce or even eliminate the threat posed by malicious behaviours.
Like Cloud Network Security, Cloud Workload security describes the protection of services, such as applications, that are cloud-based.
The term ‘workload’ could refer to a container, serverless function or database, in other words the functions that store the data required to make an application work.
The phrase ‘Zero Trust Network Access’ refers to a policy whereby every point of access requires verification.
It is a strict approach to network access that is enforced through granular policies that can be summed up as follows: “Trust Nothing; Verify Everything”.
Due to the increased threat posed in today’s world, ZTNA is quickly becoming an industry standard.
Firstly, ‘SaaS’ is an acronym meaning ‘Software as a Service’. SaaS exploded in the early 21st Century, as vendors moved their commercial service offers online.
The shift to online or cloud-based infrastructures opens up a set of cyber security risks, therefore it is imperative that a SaaS model is secure.
User, Data & Endpoint
Also known as ‘email hygiene’ or ‘email content security’, email security expresses the need to ensure a secure approach to the email channel.
Email is the single largest source of threats in the modern era. As such, an organisation’s security posture must have email security at its forefront.
An email security strategy needs to be adaptive, as the threats themselves will adapt over time.
When we use the phrase ‘secure web gateways’, we refer to a software or hardware solution which performs web filtering, restricting what web content can be viewed and brought into the network. Filtering can be based upon categorisation, or simply to block malicious content.
As the name suggests, the role of a secure web gateway is to protect data and enforce an organisation’s security policy.
An Endpoint Detection and Response system, which is also known as EDTR (the ‘T’ referring to ‘threat’), is a type of cyber security technology that will continually monitor and respond to cyber threats specifically on Endpoint devices.
The value of having this at the endpoint is that it is able to fully defend against threats without a threat being able to spread into the network.
A good EDR will carry out four functions:
- Detect
- Contain
- Investigate
- Eliminate
The phrase ‘SASE’ was first coined by industry analysts Gartner in 2019.
It refers to the combining of Network-as-a-Service and Network-Security-as-a-Service.
This type of approach will afford improved control over anything accessing an organisation’s network.
A Secure Access Service Edge incorporates four components:
- Secure Web Gateways
- Cloud Access Security Broker
- Zero Trust Network Access
- Firewall-as-a-Service.
One of the benefits of a SASE approach is that it will scale as the organisation scales.
Mobile threat defence, or MTD, will be specifically implemented to address threats on mobile devices and their platforms – most commonly iOS and Android.
As such, if your organisation typically allows employees to use their mobile devices for work (a practice known as ‘BYOD’ or Bring Your Own Device), or if you supply your employees with a corporate-issued mobile device, then an MTD platform should be a consideration.
It is imperative that an organisation is able to identify a user and, having done so, has a clear policy on what type of access to the network they should be granted.
This is something that will usually follow an organisation’s job roles, with specific attention being paid to the level of IT access they need.
IDAM is particularly important if an organisation is operating a Zero Trust Network Access model.
Following on from IDAM, Privileged Access Management will determine who should have elevated (or ‘privileged’) access to a network and will sit close to a company’s IT security policy.
Such users are likely to be dealing with business-critical information, so additional security is paramount.
Phishing is the name given to the attempts made to acquire an organisation’s sensitive data.
These are often done in a ‘call and response’ manner, for example the distribution of fraudulent messages.
Examples of data threatened by phishing scams include usernames, passwords and personal information.
A typical security response to phishing would be to have an awareness, detection and remediation programme in place.
Security Operations
Security Information and Event Management is commonly known as ‘SIEM’ in cyber security circles.
The main function of SIEM is to detect threats, thus ensuring that an attack, or ‘event’, does not take place.
A SIEM solution will typically combine a number of functions that include detection, investigation, pro-active threat hunting, information collection, response and remediation.
XDR, or eXtended Detection and Response, is an evolution of Endpoint Detection and Response solutions (EDR), where multiple incident response and detection products are consolidated into one.
The benefits of an XDR are that detection is accelerated and solutions are more comprehensive. XDR is particularly prevalent in multiple-siloed environments.
In cyber security circles, SOAR means ‘Security Orchestration, Automation and Response’.
Think of SOAR as a full-stack security platform that combines orchestration and automation, incident response and threat intelligence platforms.
A Threat Intelligence Platform, or TIP, is a fundamental part of an organisation’s security posture.
A TIP will usually combine a number of intelligence sources to provide insights into the levels and sources of cyber threats.
A good Threat Intelligence Platform will have a great User Interface (‘UI’) ensuring that threats can be quickly responded to.
Threat Management & GRC
Attack Simulation Technology, or Breach and Attack Simulation (BAS), is, as the name suggests, a set of tools designed to emulate an attack cycle on an organisation’s network.
It will provide insights into vulnerabilities and therefore provide a way of preparing for and ultimately mitigating against risk.
Vulnerability and patch management share similar qualities, but an organisation needs to consider both as part of their cyber security strategy.
Vulnerability management describes the ongoing process of staying ahead of cyber threats by searching for areas of threat across a network’s infrastructure.
Patch management is the fixing of any vulnerabilities that are unearthed.
If software development can incorporate security at source, then the resulting application is likely to be more secure for users.
A development platform that has heightened security, such as the ability to fix vulnerabilities during the coding process, is always going to be the most secure solution for developers.
A cloud security posture management solution (CSPM) will allow the automation of cloud security processes across IaaS, SaaS and PaaS infrastructures.
CSPMs are a vital part of any cloud-based application provider, as it is their responsibility, and not that of the cloud host, to ensure system security.