Managed SIEM SOC

THE TARGET

Detect security breaches, security events and suspicious activity that occur in real time.
Obtain a comprehensive and accurate security status and provide a focused and detailed information to handle the event.

THE CHALLENGE

  • Information security components gather millions of events on the corporate network and on company sites.
  • Collection the right data, aggregation, normalization and correlation of different technologies, devices, operations and events.
  • Lack of expert personnel to monitor and analyse the data.

THE WAY

See-Secure professional information security team has extensive knowledge and experience in integration of varied SIEM vendor systems.
Our team continuously defines, updates and configures aggregation, normalization and correlation of SIEM rules.

CONTROL CENTER SERVICE

See-Secure Security Operation Center (SOC) operates 24/7.
SOC separated to three tiers:

  • Tier 1 Analysts –  Monitoring and analyzing of security events and perform initial incident triage.
  • Tier 2 Incident – Responders providing advanced investigation.
  • Tier 3 Subject Matter Experts – Hackers, Forensics, Reverse engineers, threat hunters.

SIEM SOC ARCHITECTURE

SIEM SOC SERVICE

In the SIEM SOC Service, See – Secure provides the following:

  • Targeted security alerts – real time alerts
  • Weekly reports on events occurred during the week, malware, AV, user activity (defined by the customer)
  • Monthly meeting or video conference with an information security specialist
  • Monitoring SIEM dashboard screens according to customer needs.
  • Response to events:
    • Proactive system
      See Secure Intelligent system proactively reacts to information security incidents with pre-defined rules.
    • Cyber Investigation
      Identifying and gathering incident evidence, documenting, preserving, testing evidence, reporting findings.
    • Throughout the “Incident investigation”, our offensive Team will discover high level of security in every method taken. vulnerabilities such as inadequately configured communication equipment, non-secure protocol usage, misconfiguration of internal components and non-secure development.

Click HERE, to read more about our SIEM SOC service.