NA
OEM
CSP/14
Security Operations Center (SOC)
Cyber Threat, Incident Response, Log ingestion, SIEM, OSINT, Cyber Resilience Engineering Framework
Advanced security controls should be part of an integrated program that covers detection, orchestration, automation, analytics, incident response, measurement and reporting.
Differentiators
- Cyber Threat & Situational Awareness framework
- Incident Response mechanism
- Log ingestion from a dark-web harvesting platform, a honeynet (or other deception solution), OSINT (open-source intelligence) feeds, and the IT assets hosting business-critical information and data
- SIEM effectiveness scales with the volume of telemetry collected and the breadth of log sources covered; a SIEM that sees only perimeter logs cannot correlate what happens on the assets it is meant to protect
Solution
- Based on Cyber Resilience Engineering Framework (CREF)
- Provision for log collection across the IT infrastructure
- Event correlation & security analytics
- Effective SIEM
- Periodic Vulnerability Assessments
- Privilege Identity and Access Management solution
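The correlation step listed above is where ingesting deception telemetry alongside logs from business-critical assets pays off: a decoy host has no legitimate clients, so any source that touches it and then authenticates successfully to a production system deserves an alert. The following is an added example (not the solution's own code or rule language) showing that correlation over constructed honeynet and authentication log lines; the `timestamp host key=value` format, host names and addresses are assumptions made for the example.

```python
"""Cross-source event correlation: honeynet touches followed by production logons.

Added illustration only. The log format ('timestamp host k=v k=v ...'),
host names and IP addresses are constructed for this example and do not
reflect any real product schema.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed honeynet events. Any connection to a decoy is suspicious by
# definition: no legitimate system has a reason to talk to it.
HONEYNET_LOG = """\
2024-03-01T09:12:01Z honeypot01 src=10.20.5.17 dport=22 action=connect
2024-03-01T09:12:04Z honeypot01 src=10.20.5.17 dport=445 action=connect
2024-03-01T11:40:22Z honeypot02 src=10.20.9.3 dport=3389 action=connect
"""

# Constructed authentication events from business-critical assets.
AUTH_LOG = """\
2024-03-01T09:15:30Z fileserver01 user=svc_backup src=10.20.5.17 result=success
2024-03-01T09:16:02Z fileserver01 user=jdoe src=10.20.7.44 result=success
2024-03-01T09:30:00Z erp01 user=admin src=10.20.5.17 result=failure
2024-03-01T14:05:10Z erp01 user=admin src=10.20.9.3 result=success
"""


def parse(log):
    """Parse 'timestamp host k=v ...' lines into a list of event dicts."""
    events = []
    for line in log.splitlines():
        if not line.strip():
            continue
        ts, host, *kvs = line.split()
        ev = {"ts": datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), "host": host}
        for kv in kvs:
            key, value = kv.split("=", 1)
            ev[key] = value
        events.append(ev)
    return events


def correlate(honeynet_log, auth_log, window=timedelta(hours=1)):
    """Alert on a successful logon from a source IP that contacted a decoy
    within `window` before the logon. Returns a list of alert dicts, one per
    offending logon (the first qualifying decoy hit is recorded as evidence)."""
    decoy_hits = defaultdict(list)
    for ev in parse(honeynet_log):
        decoy_hits[ev["src"]].append(ev)

    alerts = []
    for ev in parse(auth_log):
        # Failed logons are noise for this rule; the point is a source that
        # probed a decoy and then got in somewhere real.
        if ev.get("result") != "success":
            continue
        for hit in decoy_hits.get(ev["src"], []):
            delta = ev["ts"] - hit["ts"]
            if timedelta(0) <= delta <= window:
                alerts.append({
                    "src": ev["src"],
                    "user": ev["user"],
                    "asset": ev["host"],
                    "logon_at": ev["ts"].isoformat(),
                    "decoy": hit["host"],
                    "decoy_port": hit["dport"],
                    "decoy_at": hit["ts"].isoformat(),
                })
                break  # one alert per logon is enough; avoid duplicate noise
    return alerts


if __name__ == "__main__":
    for alert in correlate(HONEYNET_LOG, AUTH_LOG):
        print(alert)
```

With the sample data and the default one-hour window, only the `svc_backup` logon from 10.20.5.17 fires: that address hit the decoy three minutes earlier. The 10.20.9.3 logon on `erp01` is outside the window and is missed, which is the trade-off the window encodes; widening it to three hours catches it at the cost of more false positives on busy networks. The rule is only as good as the sources feeding it: without the decoy telemetry or without the auth logs from `fileserver01`, there is nothing to correlate.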
Features
NA
Solution Components
NA
Frameworks
Gartner "Five Models of Security Operations Centre"; SANS 2016 Survey for Security Analytics; NCIPC & CERT-In Guidelines
Client-end Requirement
NA
Support
NA
Training
- Number of modules: 3
- Module 1: Red team tactics
- Module 2: Blue team tactics with deployed security controls & SIEM analytics
- Module 3: Exercises in a cyber range
- Duration of training: 10 days
Scope
- Known-known attacks
- Known-unknown attacks
- Unknown-unknown attacks
Architecture
NA
Infrastructure/Operation
NA
Technical Specifications
NA
Target Clients
NA
Pricing / commercial model
NA
Use cases
NA