Building a SOC

“The CND SOC Service is extremely flexible and can be tailored around a client’s needs.”

 

Computer Network Defence Ltd’s (CND) Security Operations Centre (SOC) Service is a framework which provides clients with the design, delivery and operation of a SOC either as an entire solution or any part within. The end result ensures the co-ordination of security events and monitoring assets to provide the client with a correlated and centralised security capability. The offered service is modular and vendor neutral, allowing the client to request our assistance with specific elements or, indeed, an entire solution based upon either their own design or one provided by CND.

 

Introduction

By using the appropriate technology to meet the customer requirement a SOC can greatly improve the security posture of an organisation, providing a real-time view of the current security status of the client’s assets. Our experienced team proactively manages and maintains the security assets to meet the ever changing threat and provides the organisations stakeholders with the information needed to maintain an effective operational threat picture, facilitating strategic decision making processes. In the event of the unexpected happening our team has a vast amount of incident response expertise, sufficient to meet any situation and providing a dynamic and effective incident response capability throughout the incident life cycle, from initial identification to post attack recovery.

 

CND Consultants

Attracting people with the correct skill set is imperative for running a SOC, it is not always sufficient to employ an individual with experience of a security product. CND Analysts have this knowledge, but more importantly they understand the context behind the content of the reported security event. An experienced analyst can monitor a security console for malicious events that are masked by thousands of benign events and be independently capable of using the many supporting technologies to their full capabilities. CND Information Security Consultants are Subject Matter Experts (SME) providing expertise and support to your organisation which is required to develop, enhance processes and procedures within your SOC. Our consultants can also offer in-house training for your current staff, and have a great deal of experience in building a Security Operations Centre from conception to completion.

 

SOC Service Modules

The CND SOC Service is extremely flexible and can be tailored around a client’s needs. A client may wish to utilise CND for all or just certain elements of a SOC build. The following modules are broad categories:

SOC Design

SOC Development

SOC Policy and Procedures

SOC Operation

 

Computer Network Defence has a solid background stretching back many years, building many Security Operations Centre's for our clients. We have established extremely robust facilities, and where the client wishes to keep control in house, handed the facilities over to the customer with the option of us fulfilling a regular supporting role or manning the SOC's permanently for many years. The network sizes have varied considerably from less than 100 users to over 200,000. For more information please feel free to contact us today.

 

For more information on Building a SOC, please feel free to download our PDF here. pdf