Security Operations Center
Delivered a SOC for the largest bank in Southeast Asia
Monitoring for and detecting threatening events is critical to any organization's security in a globally networked world. It requires a structured approach and a well-managed service run by security experts. The primary duty of the SOC is to monitor for and identify cyberattacks against the organization, so that the organization can break the attack chain at the earliest possible phase.
Security Operations Center for Specific Assets
Investigating Potential Incidents
SOC teams receive a large number of alerts, but not every alert points to a real attack. SOC analysts are responsible for digging into each potential incident to determine whether it is a real attack or a false positive.
Triaging and Prioritising Detected Incidents
Not all security incidents are created equal, and an organization has limited incident response resources. Once an incident has been identified, it must be triaged and prioritised so that those resources go where they reduce enterprise risk the most.
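The two steps above, separating known false positives from real candidates and then ranking what remains by risk, can be made concrete with a small triage routine. The following is an added illustration and not the SOC service's own tooling: the alert fields, the severity weights, the asset-criticality table, the allowlist entries and the sample alerts are all constructed for this example.

```python
"""Toy alert triage: suppress known false positives, then rank the rest by risk.

Added illustration only. Every table below (severity weights, asset criticality,
allowlist) and the sample alerts are assumptions chosen for the example.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Iterable

# Assumed severity scale as emitted by a detection rule.
SEVERITY_WEIGHT = {"low": 1, "medium": 3, "high": 6, "critical": 10}

# Assumed asset inventory: how much the business cares about each host.
ASSET_CRITICALITY = {"core-banking-db": 5, "swift-gw": 5, "hr-portal": 2, "dev-box": 1}

# Assumed known-benign patterns: an authorised vulnerability scanner and a
# scheduled backup service account. Every field in an entry must match.
ALLOWLIST = [
    {"rule": "port-scan", "src_ip": "10.0.9.5"},
    {"rule": "after-hours-login", "user": "svc_backup"},
]


@dataclass(frozen=True)
class Alert:
    id: str
    rule: str
    severity: str
    asset: str
    src_ip: str
    user: str
    confidence: float  # 0..1, the rule's own confidence (assumed field)


def is_known_false_positive(alert: Alert) -> bool:
    """True when every field of some allowlist entry matches the alert."""
    return any(
        all(getattr(alert, field) == value for field, value in entry.items())
        for entry in ALLOWLIST
    )


def risk_score(alert: Alert) -> float:
    """Severity x asset criticality, discounted by detection confidence.

    Unknown severities and assets fall back to the lowest weight so that a
    missing inventory entry never inflates a score."""
    sev = SEVERITY_WEIGHT.get(alert.severity, 1)
    crit = ASSET_CRITICALITY.get(alert.asset, 1)
    return round(sev * crit * alert.confidence, 2)


def triage(alerts: Iterable[Alert]) -> tuple[list[tuple[Alert, float]], list[Alert]]:
    """Split alerts into a risk-ranked work queue and a suppressed list."""
    queue: list[tuple[Alert, float]] = []
    suppressed: list[Alert] = []
    for alert in alerts:
        if is_known_false_positive(alert):
            suppressed.append(alert)
        else:
            queue.append((alert, risk_score(alert)))
    queue.sort(key=lambda pair: pair[1], reverse=True)
    return queue, suppressed


# Constructed sample alerts (not real telemetry).
SAMPLE_ALERTS = [
    Alert("A1", "port-scan", "medium", "hr-portal", "10.0.9.5", "", 0.9),
    Alert("A2", "credential-stuffing", "high", "core-banking-db", "203.0.113.7", "", 0.8),
    Alert("A3", "after-hours-login", "low", "hr-portal", "10.0.3.4", "svc_backup", 1.0),
    Alert("A4", "malware-beacon", "critical", "dev-box", "10.0.5.77", "jsmith", 0.7),
    Alert("A5", "privilege-escalation", "high", "swift-gw", "10.0.1.2", "mchan", 0.5),
]


if __name__ == "__main__":
    queue, suppressed = triage(SAMPLE_ALERTS)
    print("Suppressed as known false positives:", [a.id for a in suppressed])
    for alert, score in queue:
        print(f"{score:6.2f}  {alert.id}  {alert.rule:22} on {alert.asset}")
```

Note what the ranking does with the sample: the "critical" malware beacon on a developer box scores below a "high" credential-stuffing alert against the core banking database, because the asset context weighs more than the rule's label. That is the point of triage as described above, and it is also why the asset inventory and allowlist need an owner and regular review: a stale allowlist entry silently hides a real attack.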
Coordinating an Incident Response
Responding to an incident requires engagement with multiple stakeholders and the use of a variety of tools. SOC analysts must orchestrate this process so that oversights do not result in delayed or incomplete remediation.