SOC

We provide Security Operations Center (SOC) Services using Big Data Technologies

Security Operations Center

We provide Security Operations Center (SOC) Services, SIEM Solutions Integration and Maintenance from the leading vendors, including our own SIEM Platform (ISOC SIEM) using Big Data Technologies.

Under an agreement with the Computer Security Incident Response Team (CSIRT), INFOSECURITY connects Critical Information Infrastructure subjects to the State System for Detecting, Warning, and Eliminating Effects of Computer Attacks (GosSOPKA).

Modern security tools protect against specific types of threats but do not provide a holistic view of what is happening. Consolidated analysis of events from multiple security tools gives a fuller picture, and SIEM solutions collect all the necessary data for it. Technology, however, is only one component of a SOC.

Equally important are the processes and the staff who perform maintenance, configure hardware and software, and handle incidents. INFOSECURITY has the infrastructure required to operate a SOC, and the Company's dedicated unit is staffed by certified experts.

SOC Implementation Options

Depending on your requirements and your existing hardware and software, we can offer three options for SOC implementation:

  1. Cloud SOC on ISOC SIEM

     Event Processing and Incident Detection are performed at INFOSECURITY facilities using our own ISOC SIEM solution.

  2. Hybrid SOC on MaxPatrol SIEM

     Event Processing and Incident Detection are performed at the Customer's facilities using MaxPatrol SIEM; our experts and analysis system take part in the process.

  3. Consulting on Developing Your Own SOC

     Based on our long experience, we design processes, implement regulations, and provide recommendations on platform selection, configuration and recruitment.


Goals

  1. Mitigate Identity Theft and Embezzlement Risks
  2. Ensure Business Continuity
  3. Reduce the Impact of Incidents
  4. Comply with Regulatory Requirements and Cyber Security Standards

Challenges

  1. Early detection of cyber threats
  2. Fastest possible analysis of incidents across a large number of information systems
  3. Incident response involving specialist experts

Additional Materials

  1. Presentation on GosSOPKA Corporate Center
  2. Presentation on Incident Monitoring and Response based on ISOC SIEM
  3. Presentation on Incident Monitoring and Response based on MaxPatrol SIEM