strong roots run deep
Security Operations Center (SOC): your proactive defense posture.
Next generation Security Information & Event Management (SIEM) platform – Purpose-built for security including out-of-the-box analytics, correlation rules and dashboards to help enterprises address their most pressing security use cases without requiring significant customization effort.
Security Monitoring & Alerting
Next-generation MSSP Security Information & Event Management (SIEM) platform (QRadar) with built-in threat intelligence and user behavior analytics (UBA)
(Up to 2500 events per second - EPS)
- Platform hosted in our private cloud, integrates customer log sources
- MITRE ATT&CK®-mapped and threat-intelligence-based event correlation and alerting
- User behavior analytics (UBA)-based event correlation and alerting
Threat hunting & Forensics investigation
On-demand forensics investigation using log data captured by the SIEM
- Incident analysis and forensics using the logs captured on the SIEM.
- On-demand digital forensics and external forensics investigation for any forensic evidence
- Manual threat hunting
Global threat intelligence
- Integrated global threat intelligence-based event correlation and response through direct threat-feed integration
Ticketing tool & Integration
- SOC platforms will be integrated with the ticketing tool for automatic tracking of raised incidents and SLA tracking
- All incidents will be raised as service tickets through the ticketing tool provided; the workflow and integration will be based on the agreement with the Customer
Security Incident response and forensics support
- L1 Monitoring
- L2 and L3 incident investigation and remediation support
- L3 – Named Single Point of Contact (SPOC) for operations
- Threat hunting and log forensics
- Security Project manager
Integrated Operations Center (IOC) Approach: Combining NOC and SOC
Our IOC approach integrates the Network Operations Center (NOC) and the Security Operations Center (SOC), avoiding gaps and overlaps in tools and services that can negatively affect both the cost and quality of operations. Silver Tree’s IOC provides incident response, event monitoring and correlation utilizing a shared dataset with common/shared communications protocols. NOC and SOC functions are co-located, giving increased visibility and effectiveness in addressing incidents and events, as well as operational efficiency and cost savings.
An integrated NOC (i.e., network and systems monitoring and management) and SOC (i.e., security operations, threat detection and event correlation) provide clear and comprehensive visibility and management of the infrastructure that enables your business. We leverage our proven transition methodology to ensure a smooth start of monitoring and support services with minimal impact to operations and service levels.