SOCaaS

Security Operation Center As A Service

Multiple Essential Security Capabilities in a Single SaaS Platform

CSP provides multiple essential security capabilities in a single SaaS solution, giving you everything you need for threat detection, incident response, and compliance management—all in a single pane of glass. CSP allows your organization to focus on proactively securing your assets while we provide notification of potential threats and malicious activity. An elastic, cloud-based security solution, CSP can readily scale to meet your threat detection needs as your IT environment changes and grows.

Asset Discovery

› API-powered asset discovery

› Network asset discovery

› Software and services discovery

Vulnerability Assessment

› Network vulnerability scanning

› Cloud vulnerability scanning

› Cloud infrastructure assessment

Intrusion Detection

› Cloud, network, and host intrusion detection

› File Integrity Monitoring

Behavioral Monitoring

› Asset access logs

› Cloud access and activity logs (Azure Monitor, AWS: CloudTrail, CloudWatch, S3, ELB)

› AWS VPC Flow monitoring

› VMware ESXi access logs

SIEM & Log Management

› Event correlation

› Log management, with at least 12 months log retention

› Incident response

› Integrated threat intelligence from the AV Labs Security Team and the Open Threat Exchange (OTX)