The Information Security Operation and Monitoring Center (SOC) is a perfect combination of 3 key elements in security: Human – Technology – Procedure. It helps to centrally and continuously monitor threats, and to analyze, mitigate and prevent cybersecurity incidents.
The SOC is a strong shield for organizations against threats as business activity in cyberspace keeps growing.
VSEC implements technology to collect all information security logs/events on the customer’s monitored IT systems and send them to the SOC technology platform, centralized on the Cloud, for storage, analysis, detection, alerting, and incident management and investigation.
VSEC’s information security monitoring team performs direct monitoring on the SOC technology platform with standardized processes and in compliance with customer regulations.
The information security monitoring service is provided on the customer’s existing SIEM system, which VSEC manages; all logs are stored on that SIEM system and are not sent externally.
VSEC will provide Tier 1, 2, and 3 personnel based on the customer’s requirements to manage the customer’s SIEM system. The working scope may include monitoring and coordinating with the customer to handle alerts, and optimally implementing the set of continuous monitoring rules during the monitoring process.
The service provides knowledge data and intelligence data on information security, in 2 main categories:
External Threat Protection: Collects and monitors data from the Internet, Dark Web, Dark Forum, Social Networks, etc., to generate alerts about threats to businesses/organizations, such as data breaches, targeted attack campaigns, and website counterfeiting.
Threat Intelligence Platform: Shares knowledge data and intelligence data on information security according to the requirements of businesses/organizations, through integration via standards such as STIX/TAXII and APIs with the information security systems of businesses/organizations, such as SIEM, SOAR, etc.
The service implements an EDR (Endpoint Detection and Response) solution that centrally monitors, detects, and responds to information security events at endpoints; workstations are designated and remotely monitored by VSEC’s SOC.
Periodic scanning service to detect vulnerabilities and weaknesses in the monitored IT systems.
VSEC also provides a team of experts to hunt for vulnerabilities and information security risks (Threat Hunting).
Incident response is an approach to handling security breaches.
The purpose of incident response is to identify an attack, prevent damage, and eliminate the cause of the incident.
An incident can be defined as any unlawful behavior, unauthorized action, or policy related to information assets.
VSEC is the first MSSP (Managed Security Service Provider) in Vietnam to achieve both CREST certifications for the Penetration Testing service and the SOC (Security Operation Center).
CREST provides internationally recognized certifications for information security service providers and professional certifications for individuals/organizations offering services in security vulnerability assessment, penetration testing, incident response, cybersecurity threat information, SOC Security Center, etc.
Currently, CREST has accredited nearly 300 companies operating in dozens of countries and thousands of security experts worldwide, including NTT Security, NCC Group, PwC, etc.