Monitoring & Detection

Thru Extended Detection and Response

Thru employs a defense-in-depth strategy combining host and network monitoring, log analysis, and cloud security analytics for robust threat detection and automated response. Wazuh provides endpoint detection and response (EDR) and vulnerability management across Thru infrastructure. Native Azure analytics strengthen anomaly detection, while Shodan tracks external signals for emerging attack campaigns.

Preventative Controls

Multiple preventative controls mitigate risk exposure:

  • Web application firewall capabilities in HAProxy perform layer 7 filtering, TLS termination, JWT verification, and rate limiting.

  • SQL injection, XSS, CSRF, and other OWASP Top 10 risks are mitigated by React JS sanitization, .NET binding, and database row-level security.

  • Brute force protection includes login delays, account lockouts, IP blocking, and API throttling.

  • Network security groups heavily restrict traffic while allowing authorized connections.

  • Azure Cloud Defender scans incoming files against malware signatures.

DDoS and WAF Partnership

Thru leverages Microsoft's DDoS prevention suite for always-on traffic scrubbing and rapid mitigation. We tune HAProxy for superior coverage over traditional WAFs while avoiding false positives.

Thru MFT services scan files up to 250MB; larger files are passed without scanning for performance reasons. Scanning limits can be changed per environment.
Until scanning is completed, files are not transferred and are not available for download.

Centralized Security Visibility and Control

Thru provides centralized visibility and policy-based controls covering data access, transfers, system changes, and user actions across our platform. Dashboards track all file activities in real time, with configurable alerts for security events such as failed logins and options to report on historical audit trails.

Comprehensive Activity Audit Trails

Detailed forensic audit logs capture every user, application, and admin transaction within Thru systems down to the API call level. Tracking file handling from upload to download with associated metadata assists incident investigation including identification of root causes. Audit integration with SIEM tools enhances retention and analytics.

Proactive Data and Infrastructure Monitoring

Thru leverages our own asset dashboards in addition to extensive platform telemetry monitoring through Azure and third-party tools. Internal service health checks combine with external network sensors to provide holistic coverage for performance, reliability, and security monitoring.

Thru Vulnerability Management Program

Thru employs a defense-in-depth approach to vulnerability management across our infrastructure and applications:

  • Daily automated scans of networks and external IP ranges using tools like Wazuh to detect misconfigurations and potential entry points.

  • Integrating web app scanning into CI/CD pipelines utilizing OWASP ZAP to identify code-level risks during development.

  • Annual comprehensive penetration tests and cloud audits performed by certified third-party agencies to simulate real-world attacks against production systems.

While specific technical reports contain sensitive information about detected vulnerabilities and remediations, Thru is happy to summarize outcomes, trends, and security posture with customers under NDA. We also welcome inquiries from customers who wish to coordinate their own testing events pending review of scopes and authorization to avoid production impact. Our goal is full transparency into our rigorous vulnerability management programs safeguarding the Thru platform.

Proactive and Continuous Pen Testing

Thru employs frequent penetration tests across environments to validate security posture, audit configurations, and identify risks. Daily automated scans run by internal teams cover external-facing assets to detect network and application changes that expand attack surfaces and vulnerabilities. We complement regular static and dynamic analyses like Nmap, Wazuh SIM, and OWASP ZAP with annual assessments from accredited third-party agencies.

While customers may request to conduct their own pen tests on Thru assets after submitting forms to authorize scanning scopes and approaches, we mandate oversight of testing procedures that could impact production systems.

Our internal testing rigor and controls strive to address common customer content security questions without requiring external validation experiments on live environments. We welcome discussing any security-related concerns.
