A Security Operations Center (SOC) is a cornerstone to an effective security strategy. Building a SOC requires the right tools, right people and most important the right procedures to bring it all together. The alternate to an outsourced SOC is to go through extensive evaluations of available security tools, evaluate staffing needs, complete extensive tool training, professional services for tool deployment and building of processes to consistently investi- gate important alarms. This pro-
cess is incredibly time consuming, expensive and takes months, if not
years depending on the size of the organization. Guardian InfoSec Solutions can be deployed rapidly providing a SOC within minutes.
Guardian InfoSec Solutions provides a packaged solution to bring an innovative breach detection platform and expert security resources together in a SOC-as-a-Subscription.
Key Benefits
- Enterprise Grade Breach Detection Platform
- Turn a SOC on in days not months
- Analyst created monthly executive security briefing report
- Deployment Included
- Enables Compliance (PCI, HIPAA, NIST)
- All-Inclusive Monthly Subscription
- Month to Month commitment
- We do not nickel and dime for new devices, servers
- Dedicated Technical Account Manager
- 24x7x365 Constant Monitoring and Response
Customized Monthly Executive Security Briefing Report
Your dedicated Technical Account Manager will compile an executive report that includes:
- Key Alarms that occurred within the month with disposition
- Top system vulnerabilities and recommendations to remediate
- New industry specific threats
- Other security recommendations
- Additional custom data points as required by the client
Guardian InfoSec Solutions Pulse Platform Key Security Features
- Machine Learning
- Pervasive Visibility for Small to Very Large Companies
- SIEM Replacement
- Network Intrusion Detection System
- File Sandboxing (Detects ransomware, trojans and viruses.)
- DNS Tunnel Detection
- Best of breed integrated threat intelligence
- Automatic Domain Generation Detection
- Authentication Detection
- Malware Detection
- Exploit Detection
- Command and Control Detection
- Ex-Filtration and Personally Identifiable Information Detection
- Port Scan / Syn Flood Detection
- Anomalous Application Detection
- Anomalous Traffic Detection
- Anomalous Command Detection
- Anomalous Process Detection
- Anomalous File Access Detection
SOC Methodology
PREPARATION
- Gap Analysis of the Customer Environment
- Network Discovery Questionnaire
- Remote access for SIEM sensor install
- Recommendation of Technology Defining of SLA’s
DETECTION AND ANALYSIS
- Network Discovery Collection of host and network-based security logs
- Identification of Critical Systems and Privileged Users
- Refinement and tuning of correlation rules according to company policy and needs
- Compliance and Vulnerability Report scheduling
- Availability Monitoring and Alerting
- File Integrity Monitoring
CONTAINMENT, ERADICATION & RECOVERY
- Stop the bleeding by automated action or client recommendation
- Client recommendation for remediation within defined SLA’s (Critical, High, Medium, and Low)
- Playbook Execution (manual and automat- ed)
- Automated security orchestration (block, lookup, quarantine w/o customer interaction
POST-INCIDENT ACTIVITY
- Refinement of correla- tion rules to detect or monitor for other current or future com- promises across the network
- Continual recommen- dations for long term security program and roadmap improvement
- Additional threat-hunt- ing services available- Technology Defining of SLA’s