THE TARGET

Detect security breaches, security events and suspicious activity that occur in real time.
Obtain a comprehensive and accurate security status and provide a focused and detailed information to handle the event.

THE CHALLANGE

  • Information security components gather millions of events on the corporate network and on company sites.
  • Collection the right data, aggregation, normalization and correlation of different technologies, devices, operations and events.
  • Lack of expert personnel to monitor and analyse the data.

THE WAY

Nuage Tech professional information security team has extensive knowledge and experience in integration of varied SIEM vendor systems.
Our team continuously defines, updates and configures aggregation, normalization and correlation of SIEM rules.

CONTROL CENTER SERVICE

See-Secure Security Operation Center (SOC) operates 24/7. SOC separated to three tiers:

  • Tier 1 Analysts : Monitoring and analyzing of security events and perform initial incident triage.
  • Tier 2 Incident : Responders providing advanced investigation.
  • Tier 3 Subject Matter Experts : Hackers, Forensics, Reverse engineers, threat hunters.

SIEM SOC ARCHITECTURE


SIEM SOC SERVICE

In the SIEM SOC Service, See Secure provides the following:

  • Targeted security alerts real time alerts
  • Weekly reports on events occurred during the week, malware, AV, user activity (defined by the customer)
  • Monthly meeting or video conference with an information security specialist
  • Monitoring SIEM dashboard screens according to customer needs.
  • Proactive system See Secure Intelligent system proactively reacts to information security incidents with pre-defined rules.
  • Cyber Investigation Identifying and gathering incident evidence, documenting, preserving, testing evidence, reporting findings.
  • Throughout the ‘Incident investigation’, our offensive Team will discover high level of security in every method taken. vulnerabilities such as inadequately configured communication equipment, non-secure protocol usage, misconfiguration of internal components and non-secure development.