Whether you represent a government organisation or commercial or industrial company, take advantage of the SOC services.
SOC provides reliable protection and response against an increasing number of emerging threats and incidents.
It is the ideal solution if you want to increase your IT security but you don't have experts in your company, if building your own team is not a priority, or if it's not cost-effective for you.
All the services we offer are operated in our own monitoring centre NESTOR.
We resolve incidents which threaten companies' infrastructure and information assets, with the help of an internationally certified CSIRT team, which holds the prestigious accreditation by Trusted Introducer. CSIRT focuses on providing immediate assistance for resolving security incidents for commercial, contributory, nonprofit and state-owned institutions.
The CSIRT helps to prevent cyber incidents as much as possible. To achieve these goals, the CSIRT collaborates with other teams worldwide.
The SOC service can be summarised in 5 connected phases:
Prediction of cybersecurity risks – an analytical service used to predict situations that lead to security incidents.
Prevention of cybersecurity risks – activities such as penetration testing to prevent security incidents.
Detection of cybersecurity risks – identification and monitoring of cyber events.
SOC response – response to security incidents including logging, analysis, suggestion, and implementation of security measures.
SOC optimisation – constant improvement of services using a specialised analytical system.
According to the information scheme, security incidents can be reported to cooperating organisations, parent organisations or state-owned organisations.
At your request, we will provide a forensic investigation service in cooperation with a specialised CSIRT team.
Detection has the following three steps:
Aggregation of security incidents – we transfer the security incident logs to secure storage outside of the monitoring systems so they can be securely processed. If necessary, we will also involve other relevant sources of information in the aggregation process.
Correlation of security events – we correlate information from monitoring systems and add helpful information about infrastructure elements as well as information on security events from relevant cybersecurity areas.
Security breach analysis – our security experts will process the information obtained in the previous steps with the help of specialised analytical tools, using publicly and non-publicly available information about security threats and trends. We promptly report the incident to second-level security analysts to initiate the response process. We will also report this to your company, according to the escalation matrix, if the detected incident could lead to a breach of confidentiality, integrity or availability of the protected information and systems.