SOC Automation

SOC Automation is the automation of certain aspects of cybersecurity defense, such as detection, investigation and response.

Features & Benefits:

Security Information and Event Management (SIEM)

The collection, analysis and correlation of logs from various sources results in alerts in case of security flaws or potential risks. Fraudulent use of IT systems and applications, internal fraud and security threats are detected among millions of events. Our Intelligence Team analyses suspicious events and prioritizes them by business criticality and urgency.

Host based Intrusion Detection System (HIDS)

Analysis, monitoring and detection of anomalies on hosts lead to active response and immediate alerts. HIDS collects, analyses and correlates the logs of a server or client and alerts if an attack, fraudulent use or error is detected. It also checks the file integrity of the local system.

Vulnerability Management and Assessment (VAS)

Continuous internal and external vulnerability scans with comprehensive detection, compliance checks and tests deliver results with zero false positives and full vulnerability coverage.

Network based Intrusion Detection System (NIDS)

High-performance analysis of network traffic is used for signature- and behavior-based detection of dangerous malware, anomalies and other network traffic risks.

Software Compliance (SOCO)

The software on each server or server group is assessed for compliance against policies, with continuous analysis of the current status.

Advanced Threat Detection (Email & Web / ATD)

Next-generation sandbox technologies are used to detect advanced malware. This best-in-class detection is specifically designed to detect and stop advanced and evasive malware created to bypass conventional security defenses.