Security Operation Centers
Real-time threat detection, analysis and investigation of security incidents, collection of forensic evidence, quick response to and recovery from a cyber attack.
Security Operation Center (SOC)
Incident Response
Our references include security operation centers in both public administration agencies and private companies.
When implementing a center we place great emphasis on good customer communication and devote extra attention to the collection of input parameters, description of goals and customer needs. After an initial audit we design the necessary processes, correlation rules to identify security incidents, a notification workflow, output report generation and an employee training plan.
This process leads to the implementation of tools to monitor the infrastructure in real time while providing a complete overview of the situation in the organization.
The technology of the Security Operation Centers is based on a combination of Security Information and Event Management systems with standard security elements, including:
- firewall,
- systems for:
  - intrusion detection and prevention (IDS/IPS),
  - protection against malicious code (anti-virus, anti-spam and similar),
  - the protection of web sites and portals,
  - vulnerability assessment and management,
  - user administration,
- and many others.