Managed Security Operations Center (MSOC) Detection Service
The Managed Security Operations Center (MSOC) Detection Service for 1000 Events per Second (EPS) includes:
· SIEM Onboarding
· SIEM Rule Integration and Continuous Improvement
· Continuous Security Monitoring
· Standard Security Monitoring Automation Integration
· L2&L3 Analysis and Reporting
· Standard Cyber Threat Intelligence Feed
· Technical Support for Products
You will receive a confirmation mail, and within a day our team will arrange a Zoom meeting. The invoice will be sent within 2 business days.
Related Product
SIEM Onboarding Service
The service covers all the technical operations planned to make sure the SIEM is ready for monitoring.
· Initial analysis of the organization's threat surface,
· SIEM Analysis (if applicable),
· Planning the technical work to be executed according to the analysis outputs,
· Identifying and integrating critical log sources,
· Elimination of false positives on SIEM,
· Examining and configuring existing detection rules on SIEM and defining new detection rules,
· Determination and completion of alarms and criticalities.
SIEM Rule Integration and Continuous Improvement
Defining the new detection rules that Level-2 security analysts and engineers require within the scope of the monitoring services, and keeping the continuous improvement process going with the necessary regulations.
Continuous Security Monitoring
A service that monitors the organization's information systems on a 24/7 basis for security indicators (attack, intrusion, vulnerability), performance indicators, availability status, and domain health indicators, and that reports an event, when one occurs, in accordance with the pre-determined Service Level Agreement (SLA) periods and methods.
Standard Security Monitoring Automation Integration
Integration of the playbook defined as part of the monitoring service and used for incident management.
L2&L3 Analysis and Reporting
Comprehensive analysis and root cause investigation wherever needed within the scope of the monitoring services.
Standard Cyber Threat Intelligence Feed
Sharing indicators of compromise (IOCs), such as hashes, IP addresses, and domain names, collected from intelligence sources.
Technical Support for Products
Providing technical support for the products provided within the scope of MSOC services (SIEM, SOAR, EDR, NDR, XDR, etc.) in line with the agreed SLA processes.
Botnet Tracking, Monthly Attack Surface Management, Compromise Assessment for Pre-Defined Assets, Service Availability Tracking, Active Response, Security Operations, Incident Response and Monthly Threat Hunting are optional services for this package.