SOC as a Service_1 day Implementation

The ES Managed SOC (security operation centre) assessment proactively hunts and investigate threat activity across your IT estate; performing the triage of detections that monitors:

• Endpoint: Malicious files, scripts, log data, remote access, hacker utilities • Network: Firewalls, DNS, IDS, log data, TCP/UDP connections • Cloud: Office 365, Azure, Email compromise, logins, mail forward rules.

An attack vector is the method or entry vehicle used by an adversary to penetrate and successfully compromise the corporate asset. The SOC assessment comprises of monitoring three critical attack vectors by collecting data, detecting the threat, creating a security incident ticket with a remedy and the ability to isolate and contain the threat when needed.   Key Features of the SOC Solution:

1. SIEMless Log Monitoring • Monitor, search, alert and report on the 3 attack pillars: network, cloud and endpoint log data spanning: Windows & macOS security events; Firewall & network device events and Office 365 & Azure AD cloud events.
2. Threat Intelligence & Hunting • Real-time threat intelligence monitoring, connecting to premium intel feed partners giving our customers the largest global repository of threat indicators
3. Breach Detection • Detect adversaries that evade traditional cyber defenses such as Firewalls and AV. Identifies attacker TTPs and aligns with Mitre Att&ck, producing a forensic timeline of chronological events to deter the intruder before a breach occurs.
4. Intrusion Monitoring • Real-time monitoring of malicious and suspicious activity, identifying indicators such as: connections to terrorist nations, unauthorized TCP/UDP services and backdoor connections to C2 servers.

The implementation of the Managed SOC Service for your business covers: • Implementation within 24 hours • 24/7 monitoring & critical breach remediation; • Threat remedy; • Device isolation

Packages range: R135 - R175 excluding per endpoint/per month, subject to ROE