SOC is a managed service that leverages a bespoke Threat Monitoring Platform. This platform detects malicious and suspicious activity across 3 critical attack vectors: Endpoint, Network & Cloud.
The ES Managed SOC (security operations centre) assessment proactively hunts and investigates threat activity across your IT estate, triaging detections from the monitoring of:
• Endpoint: Malicious files, scripts, log data, remote access, hacker utilities
• Network: Firewalls, DNS, IDS, log data, TCP/UDP connections
• Cloud: Office 365, Azure, email compromise, logins, mail forward rules
An attack vector is the method or entry vehicle used by an adversary to penetrate and successfully compromise the corporate asset. The SOC assessment comprises monitoring three critical attack vectors by collecting data, detecting the threat, creating a security incident ticket with a remedy, and providing the ability to isolate and contain the threat when needed.
Key Features of the SOC Solution:
The implementation of the Managed SOC Service for your business covers:
• Implementation within 24 hours
• 24/7 monitoring & critical breach remediation
• Threat remedy
• Device isolation
Packages range: R135 - R175 excluding per endpoint/per month, subject to ROE