The SOC service provides 24/7/365 cyber protection of networks and customer technologies through active monitoring of security threats and incidents in the SIEM.
Energotel's tools and well-defined SOC processes ensure prevention, detection and analysis of security incidents, and response to them.
Main characteristics of the SOC service:
- 24/7 permanent presence of a SOC analyst, immediate response to a security threat, attack or incident
- ability to properly analyze, classify and respond to security incidents
- undistorted information about the real state of the security environment, minimization of false incidents
- recording, forecasting and prevention of potential security incidents and threats
- cooperation with the customer and support for the customer's professional teams in the incident resolution process
- communication with the national CSIRT teams and Bureau of National Security
- measurable criteria for evaluating the quality of service, processing and sending reports
- information sharing, extensive knowledge base of captured incidents
- advice on infrastructure evaluation and design of security measures in accordance with the Cyber Security Act
- scanning for vulnerabilities in public and private networks
- support in investigating the root causes of security incidents
- threat intelligence - processing and sending information from paid sources