SOCaaS is designed both for customers who select the SIEMaaS and/or SIMaaS Services and for customers who have already deployed SIEM or SIM technology in-house but require a viable alternative for outsourcing the operational and monitoring activities.
Our SOCaaS is a subscription-based Security Operations Center (SOC) service that ensures real-time monitoring and analysis of security events, proactive incident management and compliance with regulations. The SOCaaS approach provides a unique solution for customers wanting to outsource their information security operations to attain reliable, transparent, and efficient security and privacy. The service level includes real-time security monitoring and response by the OSI Security Incident Response Team (SIRT), including analysis and validation of alerts, their interpretation into meaningful and actionable information, escalation based on mutually agreed Rules of Engagement, and guidance throughout the lifecycle of security incidents until their mitigation and recovery.
OSI evaluates and updates security procedures including but not limited to SIRT, Case Management and Change Management. Our SOCaaS design is based on security governance and defense-in-depth models and complements our cloud-based threat management services.
The SWORDFISH Workflow Ticketing Tool is leveraged and maintained by OSI analysts to track incidents, while employing automatic incident escalation features. For High and Critical security incidents, there is direct communication with the authorized points of contact within the Client’s organization.
Highlights of our SOCaaS service include:
- SIEM management, configuration and customization
- 24x7x365 continuous monitoring and analysis
- Unlimited Remote Security Incident Response to critical security incidents
- Advanced protection against both perimeter and insider threats
- Easy-to-use SOCaaS Service Portal
- Compliance reporting and log retention for PCI, HIPAA, NERC, etc.
OBRELA can analyze, plan and maintain an optimal SIEM installation based on the security requirements of each Client on a long-term basis. For example, OBRELA is in a position to:
- Maintain SIEM solutions for complex and critical environments.
- Develop content such as correlation rules and reports, tailored to the specific characteristics of each infrastructure and each client individually.
- Administer and maintain the SIEM technology on a 24/7 basis.
- Develop tailored procedures and methodologies compliant with the requirements of the Client.
- Provide technical training seminars for specialized personnel (such as administrator groups, monitoring groups, and groups responsible for security event response).
- Develop customized SmartConnectors for custom systems or applications.
Our SOCaaS is based on highly available Security Operations Centers that are manned by security experts, and it is a vendor-independent service supporting most of the industry-leading SIEM technologies.