SOC
SERVICES
SECURITY OPERATION CENTER
A Security Operation Center is a centralised unit where information can be monitored and analysed.
ACTIVITIES
Log management
Logs are collected and stored centrally, either inside your perimeter or directly at our SOC Data Center (depending on bandwidth availability).
SIEM (Security Information & Event Management) platforms
This service focuses on developing the SIEM tool, which analyses the acquired logs against a set of correlation rules, creating events to be analysed by a security analyst.
Security device management (SDM)
This service includes IDS / IPS management both at the network level and at the host level, providing periodic reports on any suspected activity (failed intrusion, malicious hacking attempts) through supervised actions based on routing rules and policies.
Alert and event monitoring
This service helps in the prompt identification and correlation of security anomalies through real-time detection of errors and alerts from multiple heterogeneous sources.
Threat prevention
Prevention and prediction of cyber security events through real-time analysis and manipulation (normalisation, aggregation and correlation) of network traffic.