Monitor. Detect. Mitigate
For more than 10 years we've done projects from Security Processes assessment to Card Readers and Payment Applications security
Monitor. Detect. Mitigate
For more than 10 years we've done projects from Security Processes assessment to Card Readers and Payment Applications security
4+
Projects Per Client
100+
Total Projects
28 Days
Time to Complete Forensic Investigation
56 Days
Discovery to Notification
60+
Incident Responders
20+
Threat Researchers
CSOC´S MISSION
In today's landscape, merely relying on sophisticated security systems is no longer sufficient to combat cyber threats effectively. Firstly, modern attacks can only be detected through constant monitoring and the correlation of information. Often, every second counts, as the extent of damage directly depends on the speed of detection, the accurate interpretation of events, and the promptness of response. Therefore, proactive protection is essential.
The objectives of the information security monitoring service are:
• Timely detection and response to incidents
• Reduction of potential financial and/or reputational damages
• Cost optimization by outsourcing the incident monitoring
CSOC´S MISSION
In today's landscape, merely relying on sophisticated security systems is no longer sufficient to combat cyber threats effectively. Firstly, modern attacks can only be detected through constant monitoring and the correlation of information. Often, every second counts, as the extent of damage directly depends on the speed of detection, the accurate interpretation of events, and the promptness of response. Therefore, proactive protection is essential.
The objectives of the information security monitoring service are:
• Timely detection and response to incidents
• Reduction of potential financial and/or reputational damages
• Cost optimization by outsourcing the incident monitoring
Identification
of threats
of threats
Attack
detection
detection
Support
service 8/5
service 8/5
Dedicated
service team
service team
CSOC´s Services
- Monitoring and correlating user reports and data feeds to identify cybersecurity incidents;
- Incident response coordination;
- Security records management - collection, normalization, and storage of log data of security events;
- Information about threats and vulnerabilities;
- Threat assessment;
- Vulnerability management;
- Forensic analysis.
CSOC´s Implementation Approach
Start
Start
Formation of a centralized center of competence in the field of information security based on CYBER0:
• Continuous and centralized control of information security risks;
• Reduction of damage caused by information security incidents due to their timely detection and rapid response.
• Continuous and centralized control of information security risks;
• Reduction of damage caused by information security incidents due to their timely detection and rapid response.
Project Planning
Project Planning
- Allocate and share resources between CYBER0 and partners.
- Size SIEM for ArcSight ESM, determine load (SEPS or GB per day), and secure hardware and software.
- Implement SIEM and SOAR in the data center, establish a monitoring room.
- Set up correlation rules, multi-tenancy architecture, basic SOC processes, and train 3 CSOC and CSIRT employees.
- Connect initial customers and ITA infrastructure, perform SOC tests, optimize correlation rules and processes, deploy SOAR as IRP.
- Expand user base, optimize further, and integrate IT feeds.
- Fine-tune SOAR, complete SOC processes implementation.
Supplier Selection
Supplier Selection
Main requirements for a SIEM solution:
• Multi-tenancy support (for correlation, dashboards and SOAR)
• Flexible event correlation and alerting configuration
• Capabilities for quick and easy scalability
• Built-in SOAR platform
• The supplier's representative is located in the Republic of Angola
• Free courses from SIEM vendor engineers and analysts
• All technical support will be provided in Kwanzas.
• Multi-tenancy support (for correlation, dashboards and SOAR)
• Flexible event correlation and alerting configuration
• Capabilities for quick and easy scalability
• Built-in SOAR platform
• The supplier's representative is located in the Republic of Angola
• Free courses from SIEM vendor engineers and analysts
• All technical support will be provided in Kwanzas.
Why Choose CSOC
We are a company of specialists passionate about cybersecurity that applies its expert knowledge, years of experience, and industry-leading assessment tools to identify vulnerabilities within your systems before these undetected issues can be exploited by cybercriminals.We help companies across the world deliver cutting-edge services. Commitment, Transparency, and Professionalism, that's how we present ourselves. We look for clients that value our principles, and that we can build long-lasting relationships
Meet Our Team
- DimaSOC manager
- DenisSOC manager
- WorkerSOC analyst
- WorkerSOC analyst
Cyber Quotes
- Mario OliveiraSecretary of State for Telecommunications and Information Technologies"The Vulnerability of Angolan companies is critical, as many of them do not have trained employees and technicians to identify, classify, analyze and avoid the risks of cyber-attacks"
- Manuel Nunes JúniorMinister of State for Economic Coordination"Cybersecurity should not be seen as an issue that can be resolved only by the executive, it is everyone's responsibility as citizens and users of the cyber world and only together can the best solutions be found to foster a culture of cybersecurity in institutions and companies, adopting the best practices by investing in issues relating to digital and physical security, among other actions"
- Hediantro Wilson MenaNational Director of Cybersecurity at the Ministry of Telecommunications, Information Technologies and Social Communication (MINTTICS)"Public and private companies in Angola registered in the first half of this year (2020) more than a thousand cyber-attacks"
Cyber Quotes
CSOC plays a crucial role in helping organizations improve their overall cybersecurity posture. CSOC has dedicated teams and facilities responsible for monitoring, detecting, responding to, and mitigating cybersecurity threats and incidents in real-time.
The types of cybersecurity incidents and threats that clients should be most concerned about can vary significantly depending on their industry, business operations, and the specific technologies they use. It's crucial for organizations to conduct a risk assessment and threat modeling exercise to determine their unique cybersecurity concerns.
To enhance threat detection and response, clients should regularly share specific information and data with us. Effective communication and information sharing are critical for a proactive and responsive cybersecurity posture.
Ensuring the protection of an organization's sensitive data and intellectual property within the scope of SOC involves a combination of technical measures, policies, and procedures.
SLAs and response times can vary widely depending on the organization's needs, resources, and the severity of the incident.
We often share anonymized and generalized case studies or success stories that highlight our capabilities and expertise without revealing sensitive client information. These case studies may describe the types of threats or incidents encountered, our response strategies, and the outcomes achieved. If you are considering engaging our service, you can request references and case studies that showcase our experience and track record in handling various cybersecurity incidents. These materials can help you assess our capabilities and determine if we are a good fit for your organization's security needs. Keep in mind that any specific incident details are typically kept confidential to protect client privacy and security.
We are responsible for maintaining the confidentiality and integrity of the client's sensitive information. To achieve this, we implement a range of measures and best practices:
- Access Control
- Data Encryption
- Secure Communication
- Secure Storage
- Data Masking and Anonymization
- Incident Reporting and Handling
- Non-Disclosure Agreements (NDAs)
- Security Awareness and Training
- Physical Security
- Regular Audits and Assessments
Effective collaboration with the SOC to customize security monitoring and incident response procedures involves establishing clear security objectives, maintaining open communication, tailoring procedures to your organization's needs, conducting risk assessments, defining incident escalation paths, and regularly reviewing and updating security measures to ensure they align with your unique business requirements and the evolving threat landscape.
To keep clients informed about the CSOC's ongoing activities and the security status of the organization, several reporting and communication mechanisms are typically in place. These include regular status reports summarizing security incidents and activities, monthly or quarterly performance reviews, incident alerts for critical threats or breaches in real-time, and direct communication channels like email, phone, or secure messaging for urgent matters. Additionally, some CSOCs provide clients with access to dashboards and security portals where they can view real-time security metrics and incident details. This multifaceted approach ensures clients have comprehensive and timely visibility into the CSOC's efforts and the organization's security posture.
In the event of a security breach, the CSOC will take the folloing steps to assist the client:
1) We will immediately contain and mitigate the breach to minimize further damage.
2) We will initiate a thorough forensic investigation to identify the extent of the breach, how it occurred, and what data or systems were affected.
3) The CSOC will help the client comply with legal requirements, such as reporting the breach to relevant authorities and affected individuals as mandated by data protection laws.
4) Additionally, we may provide guidance on public relations efforts, helping the client craft a communication strategy to maintain transparency with customers, partners, and the public while protecting the organization's reputation.
Throughout this process, the CSOC will collaborate closely with the client to ensure a coordinated and effective response.
1) We will immediately contain and mitigate the breach to minimize further damage.
2) We will initiate a thorough forensic investigation to identify the extent of the breach, how it occurred, and what data or systems were affected.
3) The CSOC will help the client comply with legal requirements, such as reporting the breach to relevant authorities and affected individuals as mandated by data protection laws.
4) Additionally, we may provide guidance on public relations efforts, helping the client craft a communication strategy to maintain transparency with customers, partners, and the public while protecting the organization's reputation.
Throughout this process, the CSOC will collaborate closely with the client to ensure a coordinated and effective response.
Get Started with CSOC
Our specialists are ready to tailor our security service solutions to fit the needs of your organization.
You agree to our Terms and Conditions
© All rights reserved