The range of tasks can vary from simple support to comprehensive, proactive operation or even SOC service. In all cases, they include vendor maintenance and troubleshooting, for which we provide expert resources – for both remote and on-site work – and device replacement. If required, we perform system configuration and modification within the agreed timeframe, and even provide dedicated back-up devices. SOC services are provided by our subsidiary, the internationally successful SOCWISE Ltd.
Managed security operations services
To be able to provide the most efficient security operations analysis service to our customers, our experts have developed a so-called threat-based defense model, which is an efficient means of detecting and managing threats based on the method and purpose of the attack. The model is built on the NIST CSF and MITRE ATT&CK frameworks. In addition to managed SIEM, SOC as a service also includes detection and response services. The service consists of SOC analysis activities, SOC management, cybersecurity consulting, and any other service elements as needed. The components of the technology we use are able to detect intrusion attempts in all phases of the attack. We provide our customers with diverse, customized service levels, the components of which align to the People-Process-Technology trinity.
Managed SOC (Build – Operate – Run)
For customers who have neither a security operations system, nor analysts to analyze alerts, we can provide a complete SOC system as a managed service. As part of the service, our specialists deploy the monitoring infrastructure (SIEM system), perform analytical tasks, participate in or coordinate intervention steps, and help continuously develop the system as consultants. The service is also available in a Build – Operate – Run model, which can be most beneficial to customers who have already used the service for three or four years and would like to perform SOC system-related tasks themselves. In these cases, our colleagues help build the team, train new experts, and develop processes on the customer’s side, so that following the handover, the customer will be able to perform SOC tasks independently and with the same level of security.
Managed analysis service (MDR)
For customers that already have a SIEM system in place, we provide detection and response services so they can further secure their systems and processes. In this case, our team of experts use the deployed technology on the customer’s premises, for which we offer multi-level supervision as needed. As per our proven methodology, the coordination of cybersecurity incidents is performed by an on-call service manager and analysis and response tasks are customized by a cybersecurity consulting team.