SECURITY OPERATIONS CENTRE (OWISOC)
Service components
24x7 security incident handling and threat identification
- IT systems availability monitoring from the user's perspective
- Monitoring of critical elements of infrastructure
- Information security event monitoring
- Analysis of information system alerts
- Monitoring of privileged user activities
- Monitoring of untypical user behavior
Investigation and prevention of security incidents and events
- Security incident management in accordance with the ISO 27035 standard
- Registration of security incidents and events, investigation, and identification of root cause
- Supervision of security incident remediation and solution analysis, even when activities are performed by third-party providers
Collection, storage and analysis of events and audit records from information systems
- Collection, filtering, normalization and correlation of audit trails
- SIEM monitoring and regular policy updates
- Continuous analysis of SIEM events
Regular Scan of IT System Vulnerabilities
- Scanning of IT infrastructure and web application vulnerabilities (once a quarter)
- Vulnerability scan results verification/validation, analysis and resolution support
- Monitoring and supervision of the elimination/corrective actions for detected vulnerabilities
- Honeypot trap installation and events analysis
Employee Theoretical and Practical Training in IT Security Issues
- Tests of most common social engineering attack vectors for an organization (annually)
- Security awareness training of employees (1x per year, up to 25 participants)
- Access to security knowledge base
Management and service activities reports
- Overview of the actual Information Security state of the organization
- Information on eliminated security incidents and prevention status
- Information about identified security events and threats
