The SOCaaS service catalogue is structured in multiple pillars, as shown in the table below.
The table depicts the core and auxiliary services of the CyberAntix SOCaaS, from which the custom service bundle that most benefits an organization can be created:
Security Operations Modules
• Real-time monitoring and investigation
• Data source tuning
• Customer communications
• Monthly reporting
Incident Response Modules
• Level 01: Incident containment plan creation
• Level 02: Level 1 + remote or on-site incident remediation
Proactive Detection Expansion Modules
• Module 01: Threat Hunting
• Module 02: Vulnerability assessment and management
• Module 03: Threat Intelligence Sharing
• Module 04: Penetration Testing
• Module 05: Code Review
• Module 06: Deception and honeypots
Lifecycle Consulting
• In-depth report interpretation
• In-depth risk assessment
• Security roadmap management
• Security maturity improvement
Security Engineering
• Gap analysis
• Security architecture services
• Complex event source handling
• SIEM deployment and tuning
• EDR deployment
• NTD/IPS... deployment
• Etc.
Managed detection, Level 2 incident response, threat hunting, deception, and lifecycle consulting:
To also detect sophisticated, targeted attacks and to significantly speed up incident response, an organization might add Level 2 incident response, along with proactive threat hunting and deception/honeypot capability, to the core detection service. As with the previous case, based on the results of SOC activity, the lifecycle consulting service would provide continual improvement of defences and detection capabilities.
