Service

Security Operations Center (SOC)

by Infopulse GmbH

Key Facts

  • Security Operations Center (SOC)
  • Security Information and Event Management
  • Security Monitoring

Categories

  • Managed security services
  • Consulting IT security

PRODUCT DESCRIPTION

Security Operations Center (SOC) as a service is the most solid and comprehensive approach to security operations for businesses. We provide SOC in any mode: monitoring, control, or operational.

Components of the service include:

  • Security Information and Event Management (SIEM) implementation and administration
  • Security Monitoring Team
  • Incident Response Team
  • Control Team (audits)
  • Operational Team (security infrastructure management)

Our services are based on industry-recognized SIEM software systems such as QRadar, ArcSight, Splunk, Sentinel, AlienVault and others. We implement distributed and highly available SIEM. We build the SOC, or any of its functions, at the customer's site (on-premises or in the cloud) or provide them remotely as a service.

The main values of the Infopulse SOC service are:

  • 24×7 real-time control over business protection
  • Prompt detection, prevention, and mitigation of security incidents
  • Full compliance with internal and external requirements
  • Detection of configuration and change management defects

Advanced monitoring and operation features offered by Infopulse:

  • Detection of and protection from zero-day attacks
  • Extended malware protection
  • User behavior analytics and anomaly detection based on statistics or machine learning
  • Integration of the platform with third-party threat intelligence software
  • Proactive defense by integrating with security systems
  • Built-in vulnerability scanning or integration with third-party appliances
  • Extended Active Directory and File Service monitoring

While working on SIEM architecture and implementation, Infopulse conducts the following:

  • Deep analysis of assets before connecting them to the SIEM: setup of required controls, logging level, and risk assessment, and agreement on an appropriate type of collection (agent or agentless)
  • Preliminary assessment and optimization of the client's logging infrastructure
