Threat Detection and Prevention
2026.06
To preserve the integrity of data that Bioscope AI stores, processes, or transmits for Customers, Bioscope AI implements strong intrusion detection tools and policies to proactively track and retroactively investigate unauthorized access. This includes threat detection and prevention at both the network and host level, as well as threat intelligence monitoring.
Policy Statements
Bioscope AI policy requires that:
(a) All critical systems, assets and environments must implement real-time threat detection or prevention.
Controls and Procedures
System Malware Protection
All end-user workstations and production systems must have antivirus running.
- A next-generation endpoint protection agent may be used as an equivalent solution.
- Hosts are scanned continuously for malicious binaries in critical system paths. Additionally, if supported, the agent is set to scan the system every 2 hours and at reboot to ensure no malware is present.
- The malware signature database is kept up to date; changes are pushed continuously.
- Logs of virus scans and alerts are maintained according to the requirements outlined in System Auditing.
Detected malware is evaluated and removed following the established incident response process.
All systems are to be used only for Bioscope AI business needs.
Firewall Protection
Firewall protection is implemented at the following layers:
- Network: including Network ACL and Security Groups in AWS as well as on-premise firewalls between the office networks and the Internet.
- Host: local firewalls are enabled on the user endpoints as well as servers (compute and database instances in AWS are protected by security groups).
- Application: web application firewall (WAF) and content distribution are configured at the application layer to protect against common web application attacks such as cross-site scripting, injection and denial-of-service attacks.
Network Intrusion Detection
Intrusion Detection for On-Premise Internal Networks
- Bioscope AI leverages an industry standard Wireless Controller for network security of its on-premise environments.
- The controller features stateful firewall inspection and intrusion detection/prevention (IDS/IPS) of applicable incoming and outgoing network traffic. Attacks and suspicious network activities are blocked automatically.
- The Bioscope AI IT manager is responsible for configuring the firewall and IDS/IPS rules and reviewing the configuration at least quarterly.
Intrusion Detection in Cloud Environments
Bioscope AI implements real-time threat detection across our CSPs by utilizing a mixture of signals from audit trails, network activity, runtime logs, and more.
Host Intrusion Detection
Host-based intrusion detection is driven by direct install via our global device management utility. On device purchase, a remote profile is installed through Apple Business Manager, and Endpoint Detection and Response (EDR) software is deployed to the endpoint.
Web Application Protection
Bioscope AI leverages AWS Services to protect web applications against common attacks such as SQL injection, cross-site scripting, and denial-of-service (DoS/DDoS) attacks. The services used include AWS Shield, WAF, CloudFront, and/or API Gateway.
Centralized Security Information and Event Management
Security events and alerts are aggregated to and correlated by one or both of the following solutions:
- A Cloud Security Posture Management (CSPM) system
- A Security Information and Event Management (SIEM) system
- Internally developed security automation tooling
Threat Intelligence Monitoring
Intelligence Feeds
Intelligence feeds are received automatically through some of the third-party security solutions that have been implemented on the networks and/or endpoints. The Bioscope AI security team also utilizes open-source feeds to keep abreast of any shifts in the threat landscape.
The data gathered through these external intel feeds is automatically used by the security solutions to analyze events and generate alerts or investigations.
Regulatory Requirements Updates
The Security and Privacy Officer actively monitors the regulatory compliance landscape for updates to regulations such as HIPAA.