In our vision, setting up a SOC is not just about covering the top 20 or top 25 sold use cases, as other partners usually do. The difference is that we understand the SOC to be an actual extension of our client’s operational security. In essence, we put an XDR (SIEM + EDR + NDR) platform in place, we maintain it, and we use out-of-the-box IOCs to alert on evolving security threats, while keeping enough flexibility to design specific business-related use cases tailored to the client’s needs. At the same time, we can ensure extra monitoring for the more critical systems. If needed, our security platform can be extended at a later stage to monitor cloud solutions.

In our 360° SOC proposal we will include:

In addition, we can offer extra services on top of the SOC:

  • Vulnerability risk management

Vulnerability management is the process of identifying, evaluating, treating, and reporting on security vulnerabilities in systems and the software that runs on them. Implemented alongside other security tactics, it is vital for organizations to prioritize possible threats and minimize their “attack surface.”

Security vulnerabilities, in turn, refer to technological weaknesses that allow attackers to compromise a product and the information it holds. This process needs to be performed continuously in order to keep up with new systems being added to networks, changes that are made to systems, and the discovery of new vulnerabilities over time.

 

  • SOC validation with Breach and Attack Simulations, which results in continuous security posture validation. This can include Red Teaming and Purple Teaming.

SOC Service Scope

The SOC team will protect critical client systems 24x7x365 and look out for any Indicators of Compromise (IOC) of malicious activity by adversaries that can threaten or paralyze the very core of the business. The team actively monitors the system for suspicious activity and threats. Sertalink’s on-site IRT team will notify client support teams of security incidents and manage the incident response.

  • Remote SOC team
    • 24 x 7 x 365 threat monitoring
  • On-site IRT team (Belgium)
    • 24 x 7 x 365 Rapid Response Team
      (Professional language skills: ENG, FR, NL) (on site within 1 to 2 hours)
      • Team lead with ± 10 years of IRT experience with the Belgian military/defense
      • LVL 1 IRT specialists with IR backgrounds. Our team can transition to remote IR seamlessly.
  • SOC model enables deep knowledge of each customer’s environment at scale
  • Specialized domains of expertise
  • Real-time investigations and alert validations
  • Customized threat profile based on industry targets + important assets
  • Active threat hunting
  • Proactive monthly reporting
  • Shared view: the client, the remote SOC team and the on-site IRT team have access to a shared dashboard to view the environment
  • Multi-Vendor Integration Support

CONTACT US FOR ADVISORY & QUOTATION ON SALES@SERTALINK.COM
