Security Operations Center (SOC)
Your proactive defense posture.
Key Capabilities
- Cyber Security Team with more than 250 Security consultants
- Extensive experience in delivering SOC/SIEM/Automation
- Partnerships, training access and capabilities across multiple leading technology vendors, covering SIEM, network security, server/endpoint security, EDR/SOAR and cloud security
- Experience with the latest trends and technologies, including analytics, Machine Learning (ML), behavior and anomaly detection, security automation and Robotic Process Automation (RPA)
Next generation Security Information & Event Management (SIEM) platform – Purpose-built for security including out-of-the-box analytics, correlation rules and dashboards to help enterprises address their most pressing security use cases without requiring significant customization effort.
Services and Solution Elements

Security Monitoring & Alerting
Next-generation MSSP Security Information & Event Management (SIEM) platform (QRadar) with built-in threat intelligence and User Behavior Analytics (UBA), sized for up to 2500 Events Per Second (EPS)
- Platform hosted in our private cloud; customer log sources are integrated into it
- MITRE ATT&CK®-mapped and threat-intelligence-based event correlation and alerting
- User behavior analytics-based event correlation and alerting

Threat Hunting & Forensics Investigation
On-demand forensics investigation using the log data captured by the SIEM
- Incident analysis and forensics based on the logs captured on the SIEM
- On-demand external digital forensics investigation for any forensic evidence
- Manual threat hunting

Global Threat Intelligence
- Integrated global threat-intelligence-based event correlation and response through direct threat feed integration

Ticketing Tool & Integration
- SOC platforms are integrated with the ticketing tool for automatic tracking of raised incidents and SLA tracking
- All incidents are raised as service tickets through the ticketing tool provided; the workflow and integration are defined by the agreement with the Customer

Security Incident Response and Forensics Support
Support includes:
- L1 monitoring
- L2 and L3 incident investigation and remediation support
- L3 – named Single Point of Contact (SPOC) for operations
- Threat hunting and log forensics
- Security project manager
Integrated Operations Center (IOC) Approach: Combining NOC and SOC
Our IOC approach integrates the Network Operations Center (NOC) and Security Operations Center (SOC), avoiding the gaps and overlaps in tools and services that can negatively affect both the cost and the quality of operations. Silver Tree’s IOC provides incident response, event monitoring and correlation using a shared dataset and common communications protocols. NOC and SOC functions are co-located, which increases visibility and effectiveness when addressing incidents and events, and delivers operational efficiency and cost savings.
An integrated NOC (network and systems monitoring and management) and SOC (security operations, threat detection and event correlation) provide clear and comprehensive visibility into, and management of, the infrastructure that enables your business. We apply our proven transition methodology to ensure a smooth start of monitoring and support services with minimal impact on operations and service levels.