Galactic package
- All the constellation package features
- Intrusion Detection
- Security Training
- ISO & NIST Compliance
Intrusion Detection
Progress Technologies' “Galactic” plan offers intrusion detection through Endpoint Detection and Response (EDR), which monitors behavioral telemetry for advanced threats, and automated investigation and remediation (AIR) to automatically contain and resolve incidents. It also includes Attack Surface Reduction to block malicious behavior, vulnerability management to find and fix weaknesses, and Next Generation Protection for real-time and cloud-powered threat detection.
- Endpoint Detection and Response (EDR): This core feature continuously collects behavioral data (process info, network activities, file system changes, etc.) from endpoints (computers, phones, tablets). It uses AI and behavioral analysis to detect suspicious activities and advanced threats in near real-time and aggregates related alerts into "incidents" for easier management.
- Automated Investigation and Remediation: When a threat is detected, the system automatically investigates the alert and takes action to remediate the threat and "auto-heal" affected assets, reducing the manual workload on IT staff.
- Automatic Attack Disruption: Specifically, it can automatically disrupt sophisticated attacks, such as in-progress ransomware campaigns, by identifying compromised assets and containing them to prevent lateral movement across the network.
- Attack Surface Reduction: This includes features like network protection and web protection, which regulate access to malicious IP addresses, domains, and URLs, effectively acting as an intrusion prevention component by minimizing the areas open to attacks.
Galactic Package
- Features
- Device Health Checks
- Security Alerting
- Network Monitoring
- Performance thresholds
- Automated Reporting
- Alert Notifications
- 24/7 Help Desk
- Patch Management
- Antivirus Protection
- Malware Protection
- Ransomware Security
- Backup & Recovery
- Asset Management
- Storage Management
- Intrusion Detection
- Security Training
- ISO & NIST Compliance
- Threat and Vulnerability Management: It continuously assesses devices to discover, prioritize, and remediate software vulnerabilities and misconfigurations, proactively strengthening your security posture and preventing potential entry points for intruders.
- Centralized Management: All these features are managed from a single, simplified admin experience in the portal, providing insights, actionable recommendations, and security reports.
In essence, the tool provides robust, enterprise-grade detection and response capabilities that go beyond traditional IDS to actively protect the organization's devices.
Security Training
Progress Technologies' “Galactic” plan offers a comprehensive suite of security training features, including interactive modules, simulated phishing attacks, and a wide range of content like videos, games, and posters. Key features include automated programs, user risk assessment dashboards, and AI-powered features that personalize training and suggest next steps. It also provides compliance training for regulations like GDPR and HIPAA, as well as secure coding education, to build a more resilient security culture.
- Extensive Content Library: Access to the world's largest library of security awareness content, including interactive modules, videos (such as the "The Inside Man" series), games, posters, and newsletters.
- Engaging and Interactive Content: The content is designed to be engaging and uses humor and gamification (leaderboards and badges) to improve knowledge retention and user engagement.
- AI-Driven Recommendations: Uses machine learning to recommend additional, relevant training modules and content to users based on their performance and needs.
- Localization: The platform and content are available in over 35 languages to support multinational organizations.
- Mobile Learner App: Provides 24/7 access to assigned training via smartphones and tablets, allowing users to learn at their convenience.
- Customization: Organizations can customize training content, landing pages, and even upload their own SCORM-compliant content.
- Simulated Phishing Attacks: Allows administrators to send mock phishing, spear-phishing, vishing (voice), and smishing (SMS) attacks using a vast library of templates.
- Phish Alert Button (PAB): A one-click email add-in that allows users to safely report suspicious emails to their incident response team, reinforcing positive behavior and providing the organization with threat data.
- Social Engineering Indicators (SEI): If a user fails a simulated phish, they are immediately shown a landing page highlighting the "red flags" they missed, creating an immediate learning moment.
- Risk Scoring: The SmartRisk Agent calculates individual user, group, and organizational risk scores based on user behavior and performance, providing actionable metrics to prioritize security efforts.
- Assessments & Surveys: Includes the Security Awareness Proficiency Assessment (SAPA) and the Security Culture Survey (SCS) to measure baseline knowledge and culture, and track improvement over time.
- Automated Security Awareness Program (ASAP): A tool that helps organizations quickly build a customized, step-by-step security awareness program with suggested content and a task calendar.
- Smart Groups: A feature that allows dynamic grouping of users based on criteria like department, location, or behavior, to tailor training and phishing campaigns automatically.
- Advanced Reporting: Offers over 60 built-in, enterprise-grade reports and executive reports to track progress, measure ROI, and make data-driven decisions.
- Integrations: Integrates with third-party platforms (like Splunk or Microsoft 365) to push custom security events and data, enhancing the overall human risk picture.
In summary, the platform focuses on creating a "human firewall" by engaging employees in continuous, dynamic, and personalized training that changes behavior and significantly reduces human-related cyber risk.
ISO & NIST Compliance
ISO & NIST provide comprehensive frameworks of security controls, policies, and processes designed to manage information security risks and establish a robust security posture. These frameworks overlap significantly and cover similar security areas.
Risk Management and Governance
Both frameworks emphasize a systematic, risk-based approach to security.
- Risk Assessments: Formal processes to identify, analyze, and mitigate potential threats and vulnerabilities to data assets.
- Security Policies: Requirement for documented information security policies approved by management and communicated throughout the organization.
- Governance: Establishment of roles, responsibilities, and authorities for managing information security.
- Continuous Improvement: A mandate for ongoing monitoring, auditing, and updates to the security system to adapt to evolving threats and ensure effectiveness.
Core Security Controls
The technical and operational controls are where the "features" are implemented:

| Feature/Control Area | ISO 27001 (Annex A Controls) | NIST (SP 800-53 Control Families) |
| --- | --- | --- |
| Access Control | Manages access rights, secure authentication, and identity management. | Manages user permissions, system privileges, and remote access (AC, IA control families). |
| Cryptography | Policies and controls for encryption key management and data encryption at rest and in transit. | Includes cryptographic protection and protecting information at rest (SC control family). |
| Physical Security | Controls for secure perimeters, physical entry monitoring, and protection against environmental threats (e.g., fire, water damage). | Security for facilities, surveillance, and secure storage (PE control family). |
| Incident Management | Procedures for detection, reporting, response, and analysis of security incidents. | Includes incident response planning, training, monitoring, and reporting (IR control family). |
| System Integrity | Measures for protecting against malware, managing vulnerabilities, and ensuring system and information integrity. | Controls for flaw remediation, malicious code protection, and system monitoring (SI control family). |
| Awareness & Training | Ensures employees and relevant external parties are aware of security policies and procedures. | Security training and procedure documentation (AT control family). |
| Configuration Management | Guidelines for secure configuration and managing changes to systems. | Establishes baseline configurations and an inventory of system components (CM control family). |
| Business Continuity & Disaster Recovery | Ensures the availability of information processing facilities through planning and redundancy. | Includes contingency planning, testing, and backups (CP control family). |