Security Operation Center (SOC)

Benefits
  • It is a modular and scalable product.
  • It is implemented locally and securely.
  • It has GUI, WUL and CLI interfaces.
  • It is installed and in use at various companies, organizations and banks.
  • It can be used by managed security service providers.
Research partner: IRISA
Year:
Description

A security operations center (SOC) is a centralized unit that deals with security issues on an organizational and technical level. A SOC within a building or facility is a central location from which staff supervise the site using data processing technology. The SOC is responsible for monitoring, detecting and isolating incidents, and for managing the organization's security products, network devices, end-user devices and systems. This function is performed 24 hours a day, seven days a week. The SOC is the primary location of the staff and the systems dedicated to this function.

Within this scope, the following capabilities are provided:

  • Real-time monitoring and management (aggregating logs and data, coordinating response and remediation)
  • Log classification and normalization
  • Security event correlation
  • Multi-stage attack detection
  • Incident response with priority policies
  • Alert triage and attack response procedures
  • Policy management
  • Production and display of network traffic statistics
  • Searching the database for all information about a detected attack
  • Dealing with security issues on an organizational and technical level
