SOC | SIEM | CSIRT
We define, implement and monitor cyberincidents from the perimeter of the network. We use modern event correlation technologies.
"We cover the three standard areas of a SOC/CSIRT: a team of highly trained professionals; efficient and proven processes; and appropriate, state-of-the-art technologies. As a differential, our service includes a fourth area: Business Context information."
Our Process
We have proven, efficient processes for defining a SOC/CSIRT and running it in daily operation, with subprocesses for preparation, identification, containment, eradication and recovery, all set within a scheme of continuous improvement. Likewise, our operational processes are optimized to provide visibility into the company's cyber-environment, analysis of events, and rapid and adequate response actions.
Our Technology
Our partnership with the company C-S® that produces SIEM Prelude® allows us to have the latest technology to meet the requirements necessary in today’s cyber-environment, which we complement with other components to provide the precise service that our customers need.
IBM QRadar is the corporate SIEM (Security Information & Event Management) that has become the de facto standard in the market. It can collect security information from different data sources, network flows, assets and users, and correlate it with a powerful rule engine. This makes it possible to detect malicious activity in real time and stop it quickly, avoiding or minimizing damage to the organization.

QRadar allows the incorporation of a large number of applications that make it possible to exploit the collected data, incorporate new sources, analyze vulnerabilities, carry out forensic analysis, analyze user behavior, etc., thereby increasing its power in the detection and prevention of threats.
Prelude is a SIEM (Security Information & Event Management), a security control tool. It collects and centralizes the company's security information to provide a command center, through log analysis and correlation. It also alerts the user in real time to attacks and intrusion attempts against the system.

Prelude offers a variety of big data research and reporting tools to identify weak signals that may appear as Advanced Persistent Threats (APT).
Finally, Prelude has all the tools to assist and facilitate operator work and risk management.