SolaredSOC Security Control

SolaredSOC Security Control

SolaredSOC Security Control is a set of services for identifying and addressing the critical vulnerabilities and regular audits of infrastructure for the presence of zero-day malware and new threat vectors detected by the SolaredSOC sources.

SolaredSOC Security Control is a set of security control policies based both on the own experience of SolaredSOC for identification, treatment and investigation of information security incidents and the information about the targeted attacks from the global information security laboratories.

SolaredSOC Security Control allows for accumulating the efforts to address only those vulnerabilities through which real attack can be performed

rights_14.pngUsing SolaredSOC Security Control service client receives:

  • Possibility to free time of own specialists from consuming tasks of scan report processing
  • The ability to focus efforts of IT departments for removing only critical vulnerabilities
  • Organizational and technical control of elimination of security vulnerabilities on critical nodes of its infrastructure
  • An objective picture of the company's key security components from targeted attacks
  • Current information and real-time search of zero-day malware as part of their infrastructure

rights_11.png«SolaredSOC: Security Control» solves the following problems

  • Absence of tools to quickly analyze and identify infrastructure vulnerabilities
  • The need for labour-intensive processing and interpretation of massive report about vulnerabilities to the final task for IT service
  • The difficulty in allocating the time of desperately busy specialists of information security department for organizational and technical control of elimination of vulnerabilities
  • The difficulty in obtaining and interpreting the information about new targeted attacks for rapid detection of traces and bodies of malware that are not detected by anti-virus software
  • The need for specialized competencies and tools to create an actual policy for key systems audit, aimed at both on compliance with standards and real protection against current attacks

rights_12.pngSolaredSOC Security Control Benefits

  • Get the real pictures of infrastructure vulnerabilities considering all features of architecture of business processes
  • Technical and organizational control of the process of vulnerabilities elimination by IT services
  • The most relevant information about new threats and incidents as part of SolaredSOC technology partnerships
  • The use of experience of all SolaredSOC customers to provide security;
  • The ability to prevent a targeted attack on the infrastructure at an early stage

rights_13.pngFive Facts about SolaredSOC: Security Control

  1. Aggregation of own analysts about hacker groups, botnets and untrusted IP-addresses with data from laboratories
  2. Cross informing the clients having similar infrastructure about detected attacks
  3. Signing partnership agreements with leading CERT and information security resource centres for operational countering the cybercrime
  4. The unique experience and methodology of detection of incidents based on the correlation of information security events, multiple system types and subscriptions for reputation databases
  5. The use of large database consisting of tens of thousands of malicious software signatures used to detect targeted attacks

rights_13.pngProvided Services

  • Revealing of existing vulnerabilities in the company's services using the instrumental scanning
  • Handling the whole registry of identified vulnerabilities, its prioritization based on the customer's infrastructure features, criticality of particular system, used protection facilities, security policies and compensatory measures that reduce overall vulnerability criticality
  • Formation of the final recommendations for IT professionals to address the most critical and relevant vulnerabilities and administrative and technical control
  • Control of vulnerabilities elimination including development of mitigation measures in conjunction with IT
  • Operational audit of infrastructure to identify the bodies of malicious software or traces of his operation, which are not detected by antivirus tools, upon the receipt of information about them from SolaredSOC or his technology partners
  • Regular assessment of real protection of key infrastructure nodes from actual vectors of targeted attacks, including development of measures for its improvement

Due to this composition, the service allows evaluating the state of protection from both "coarse" external intrusion attempts and targeted attacks within the infrastructure or malicious activities of employees