Security Operation Center (SOC)

Security Operation Center (SOC)

SOC will become a single point of contact for cyber security incident reporting & coordination in the state.

SOC is a centralized location (s) where key IT systems of an organization are monitored, assessed and defended from cyber-attacks.

Why SOC is needed

SOC is needed:

  • For continuous prevention against malicious attack
  • Easy detection of threat
  • Response capabilities against real time incidents in the network

SOC is needed:

  • Incident response including coordination, resolution, recovery & subsequent prevention of attack.
  • Threat Intelligence which includes threat information aggregation, correlation and dissemination of actionable intelligence for its constituents
  • Security advisory services including advisories on threats in the software and hardware in use by the constituents to minimize impact due to existing and zero day vulnerabilities & exploits) and coordination with CERT-IN and other public and private entities
  • Coordination with CERT-IN and other public and private entities including OEMs

High level infrastructure design are mentioned below:

Our Expert

Coming Soon

Logical View

Services Offered

The SOC is a cross-functional virtual center providing situational awareness through the detection, containment, and remediation of IT threats. Overview of the processes involved are mentioned below:

Security Operations Centre’s process involve collection of logs and events from multiple sources, analysing and correlating with internal and external infrastructure components and generating alerts providing insights of overall security posture. Particular response activities can include

  • Infrastructure Security
  • Endpoint Protection
  • Internal Vulnerability Assessment & Penetration Test
  • Internal Threat Management Program
  • Data Protection & Classification
  • Tool Engineering and Deployment
Identified threat reports with solutions

Coming Soon

Visitor Count : 1434

Last Updated : 14/10/2019