Thein Security - Security Operations Center Customer Portal

by Thein Security s.r.o.


Self-Service platform and single point of contact for complex features of the SOC

Managed Detection and Response service provided by Thein Security.

The purpose of the Customer Portal tool is to provide Thein Security customers with a self-service platform for secure communication, secure file transfer and information exchange between Thein Security SOC staff and the customer cybersecurity teams.

It was developed by Thein Security using Microsoft Azure tools. It is hosted on the Microsoft Azure platform, specifically through Azure App Service, Azure Storage, Azure Logic Apps and Azure Functions.

The Customer Portal is accessible via a web-based frontend console. It also supports deeper integration with the customer's internal environment via a standardized API.

The Customer Portal's main characteristics guarantee its users:
- access via a personalized URL unique to each customer
- secure authentication with the use of Azure SPN
- instant access and optimized performance of data queries and information requests due to the incorporation of an in-memory cache and Azure Redis tools
- guaranteed secure storage for customer content like ticket attachments, shared files or audit logs

Key functionality of the Customer Portal is instant access to the SOC operation features:
- Overview of current and historical incidents - the section contains both automatically created incidents sourced from Azure Sentinel and manually created incidents inserted via the Customer Portal by SOC staff or the customer security team.
- Overview of existing Analytics rules in Azure Sentinel, with the possibility to create new rules or edit existing ones.
- Support for easy onboarding of new endpoints. The section contains the information needed for installation and configuration of agents on target servers.

The Customer Portal also contains equally important sections for secure and guaranteed communication between security teams, e.g. Request a Support, File share, Query an Audit log, Announce a Maintenance window, and Monitor overall Service Health (availability status of all connected components and modules, e.g. Azure, SOC tools etc.).