Security Operations Centre (SOC)

Nettitude is an award-winning cyber security organisation with unparalleled capability in delivering managed security services. Through our geographically dispersed Security Operations Centres (SOCs) we are able to deliver round-the-clock services that secure our clients, and detect and respond to sophisticated cyber threats.

Nettitude SOC Powered By Threat2Alert

The Nettitude Security Operations Centers (SOC) deploy Threat2Alert (T2A) to gain visibility and situational awareness (see diagram stage A below) of your environment. The components can be deployed to provide the right level of visibility of your environment and its threat surface.

We do not just rely on Security Information and Event Management (SIEM) and logging tools to send you alerts and reports. The data from all of the Threat2Alert components deployed are analysed by our SOC Security Team and are filtered and investigated.

You are then presented with actionable information (see diagram stage B below). Actionable information may include configuration changes to your firewalls, IPS rules, YARA agents, or it may be user awareness education around phishing emails, policy changes to your security posture or guidance around your architecture and defensive capabilities/systems.

However, we do not stop there – we then follow up to ensure that the actions taken have been effective through monitoring and further testing. We also ensure you have taken an effective response (see diagram stage C below) to the threat that has been identified, so that you have assurance in your security posture.

Threat2Alert (T2A) will provide enhanced data analytics and intelligence about your environment to the Nettitude SOC. This data is passed through our Indicators of Compromise (IoC) database to generate ‘actionable events’, which in turn are fed back to our analysts. When security incidents are identified, our SOC will provide you with clear and concise guidance to contain the event and manage the next steps. To understand how we use Threat2Alert as part of our managed SOC services, see the Threat2Alert Platform page.

Nettitude’s SOC Service Level Offerings

Security Essentials

The entry level service is provided for clients who have traditional SIEM requirements around compliance or specific reporting needs.

Logs will be ingested from a wide variety of sources as required, correlated, and retained.

Events and Indicators of Compromise (IoC) will be identified as active alerts.

Automated daily, weekly and monthly reports will be tailored to the client's requirements.

Compliance reporting needs only (PCI, HIPAA, Sarbanes-Oxley)

Automated service only, no requirements for eyes on screen

Premium (8x5 SOC)

In addition to the above, daily eyes on screen will be provided to review your reports and events/alarms.

30 minutes of incident investigation is included, and actions are relayed back to you on how to contain, prevent and recover from the incident.

Our SOC will also respond to calls for investigations from you and will monitor trends and behaviour within your environment.

Technical threat intelligence feeds will also be included within your traffic analysis, showing which IP addresses need to be blocked, which configuration settings in your environment need to be changed and where your processes or procedures need to be adapted.

Proactive log and event management

Eyes on screen

Full SOC service

Need a fully managed service

Elite (24x7 SOC)

In addition to the premium service level, a 24×7 SOC and response service will be provided with escalation to the Incident Response Team for a deep dive investigation.

This will be conducted to provide an action plan and suggested course of activities based on the findings.

Compliance reporting needs only (PCI, HIPAA, Sarbanes-Oxley)

Automated service only, no requirements for eyes on screen

Nettitude’s SOC Service Portfolio
