Security Operation Center
Security Operation Center (SOC)
Drivers:
Today's IT world faces an increasing number of threats and vulnerabilities as data streams flow in and out with growing variety and complexity. The commercial value of these data streams makes them attractive targets for hackers. The situation is all the more serious because various regulatory bodies pressure companies to build protective measures into their data management processes. Beyond the strong commitments that companies have toward their customers and employees to ensure the security and privacy of their data and Personally Identifiable Information (PII), passing various regulatory audits has become a critical driver.
Solution:
A SOC brings together the so-called 3Ps: the People, Processes and Products (Technologies) involved in providing situational awareness through the detection, containment, and remediation of IT threats. A SOC manages incidents for the enterprise, ensuring they are properly identified, analyzed, communicated, actioned/defended, investigated and reported. The SOC also monitors applications to identify a possible cyber-attack or intrusion (event), determine whether it is a real, malicious threat (incident), and assess whether it could have a business impact.
B3 Specific Services:
B3 provides a full cycle of services (see Figure 1), from assessing the customer's systems and environment to deployment, tuning, training and support.