Comprehensive Security Operations Centre (SOC)

We provide a comprehensive solution for managing cyber security events and incidents in the form of a service. This service minimises the response time to cyber security events and incidents and therefore the perilous damage resulting from them.

Through the Cyber Defence / Security Operation Centre, services are provided consisting of continuous collection, receipt, detection, analysis and investment of security events and incidents, their recording, reporting of actions and their resolution in the form of response.
 

• Continuous collection, normalization, categorization and correlation of information (not only logs) through technological solutions.
• Taking the detected facts and forwarding them to the security event and incident management process, especially in the initial entry to the Short Event Trial, in which it is validated whether it is a real threat or not.
• Detailed analysis of security incidents and their final evaluation as to whether they are security incidents or false alarms. In the case of false alarms, suggestions for improving security are passed on, especially the detection mechanisms of individual security but also other elements in the infrastructure. In the event of detection of a security incident (confirmation that it is not a false alarm), the incident is subjected to investment in the cyber security event and incident management process.
• Cyber security incident investigation is performed to determine the attack vector, impact and other information necessary to investigate security incidents and determine the appropriate response.
•  We then design the response and collaborate on the response.  Here, we can also provide coordination in the management of cyber security incidents upon request, by providing the role of an "Incident Coordinator" or requesting the intervention of a CSIRT response team.
•  Post incident activities, consisting mainly of record keeping and recommendations for further security development.