Security Operations Center – SOC
SERMA offers a genuine SOC service to ensure real-time detection and to protect you from cybersecurity threats.
All SOC activities are covered by our service:
- Prevention: You can benefit from our customised cybersecurity monitoring service tailored to your environment, as well as vulnerability scans on your devices exposed to the Internet, to identify their level of exposure to malicious activity
- Detection: We deploy a detection base (SIEM) within your IS to monitor in real time, detect, qualify and conduct investigations in the event of a proven threat resulting in a security incident
- Response: We intervene, remotely or on site, to contain the current threat and eradicate the risk
- Our service uses guides to ensure compliance with industry standards, and ensures best practices for SOCs are applied
- Our experts are highly skilled in the development of custom detection algorithms, and each detection base is equipped with dedicated automation and orchestration, allowing a rapid response in the event of a cyberattack.
- Give visibility to your TOP MANAGEMENT via the customised ISS Dashboard developed to ensure better monitoring and control of your IS security.
- Boost your peace of mind with a Service Delivery Manager responsible for tracking your KPIs/KRIs and presenting them to you in the various Security committees!
- Data extrusion
- Persistence mechanisms
- Privilege escalation
- Illegitimate access
- Identity theft
- Spread of computer viruses
- Malicious browsing
Detection of attacks through correlation scenarios implemented on the SIEM system
Automatic ticket creation in our ticketing tool and assignment of the ticket to an SOC analyst
- Connection to the SIEM via a dedicated administration bastion host.
- Criticality assessment.
Collection of evidence and further investigation, then drafting of an investigation sheet that is handed over to the Customer and includes the first actions to block the attack
- Triggering of the crisis unit
- Deployment of remediation
- Threat eradication
- Final resolution of the security incident