Security Operations Center
Our SOC services provide round-the-clock protection, monitoring your network, systems, cloud, APIs/applications, and databases for suspicious activity, with our security experts ready to respond while you focus on your core business operations.
SOC building blocks
Guiding principles
People
- Training
- On-the-Job Experience
- Knowledge Transfer
Process
- Identify
- Investigate
- Prioritize
- Respond & Resolve
Technology
- SIEM
- Connectors
- Network Monitoring
- Threat Intelligence
- Forensics
- Honeypots
Process
Processes are an essential building block that enables solid SOC governance.
Initial Assessment
- Determine, assess and perform a gap analysis of current capabilities (data, infrastructure, stakeholders, etc.)
- Define and prioritize infrastructure components (network, OS, legacy applications, databases, etc.)
Customized Environment Tuning
- Fine-tune the equipment logs and implement security use cases
- Develop the honeypot environment
- Define search parameters on the dark web with related cyber threat intelligence
- Fine-tune reports, alerts and dashboards
Policies & Procedure Definition
- Create/modify policies and procedures (incident management, patch management, change management, etc.)
Escalation Matrix
- Define SOC roles and responsibilities
- Define SOC KPIs
- Define decision tree design
Continual Improvement
- Enhance SOC capabilities and the effectiveness and efficiency of services and processes
- Introduce corrective measures where necessary
Technology
Our solution offers several benefits
Asset Discovery
Always know who and what is connected to your environments
Vulnerability Assessment
Know where the vulnerabilities are on your assets to avoid exploitation and compromise
Network and Host Intrusion Detection
Know when suspicious activities happen in your environments
SIEM & Log Management
Correlate and analyze security event data from across your environments and respond quickly
Behavioral Monitoring and Threat Intelligence
Identify suspicious behavior and potentially compromised systems using worldwide and localized threat intelligence
Cyber Threat Intelligence
Identify and monitor critical assets on both the internet and the dark web
Honeypot
Proactively lure malicious users in order to deflect potential attacks and gather valuable information on their hacking methodologies