SOC - Security Operation Center

It enables continuous monitoring, detecting threats and analysing the security of IT systems and infrastructure. SOC ensures fast response to incidents that could adversely impact the operations of an organization.

The Scope of SOC services

Incident monitoring and handling

• collecting, analysing and correlating events occurring in client systems and networks
• after automatic verification in the systems, the collected data is then checked by analysts
• detecting security events or incidents
• evaluating the impact of an IT security incident on client systems
• false positive alarm verification
• handling events in accordance with the procedures (e.g., incident escalation)

Incident response (expanded incident monitoring and handling service)

• remote response to a detected cyberevent
• contact with client’s security team
• consulting in terms of actions mitigating adverse incident effects
• collecting missing information in the case of most advanced attacks
• in-depth analyses, e.g., of found malware samples or communication with botnets or command and control (C&C) networks
• support in the field of forensic analyses

Prevention

• proactive control preventing numerous ICT security incidents
• penetration testing and security reconnaissance
• security audits and reviews
• identifying and evaluating vulnerabilities
• support in the field of ensuring conformity with legal or corporate requirements in terms of information security
• consulting in the field of organizing in-house security teams (processes, technologies, human resources)

SOC Team

Specialists fulfilling all of the aforementioned tasks for our clients exhibit high skills and vast experience.

This is evidenced by numerous, renowned and globally recognized certificates and completed training courses in the field of ICT security, such as ISO 27001 Lead Auditor, ISO 22301 Lead Auditor, CISA, OSCP, OSWP, CEH, CySA+, CompTia Security+, CCIE, CCNP, CCNA, CCDA or PCNSE.

The SOC team they make up is divided into three lines of support. 

Service variants

Depending on the client’s needs, the complexity of ICT system, as well as already implemented security processes and procedures, our team will tailor an offer best-suiting the requirements.

• Support by EXATEL may be limited solely to “fighting fires” in the event of security incidents detected by the client. Our SOC experts remain on standby and will come to the aid when an incident requires a response (SOC Assistance service).
• Should the client require assistance to a greater extent, our specialized SOC L2 and L3 engineers, besides helping with security incidents, will also implement projects in the field of advanced cybersecurity services, such as training, audit, pentesting, etc. (SOC Support service).
• In the case of required involvement of our SOC team in 24/7 monitoring and detection of security incident at the client’s premises, we can also adjust the service level, from the observation of several crucial data sources and submitting periodic reports on infrastructural security (SOC Starter service), to comprehensive monitoring with ongoing incident response (24/7/365).

Benefits