You may already have a SOC, CND have a range of services to assess and if required, develop it further
Whilst we build many SOCs from scratch, existing SOCs require a little TLC from time to time to keep them operating at optimum efficiency. Whether a client needs us to look at their SOC from a fresh perspective, requires a specific element of their SOC changing, or indeed a complete overhaul, we are here to help.
Security Operations Centres are our original service offering, we have been responsible for Building, developing and indeed Staffing countless SOC's over the last 20+ years, many of these SOCs are now household names in the cyber security community.
In addition to building SOCs for our clients, we have our own Primary and Alternate SOC. Our extensive experience in and around Cyber Security Operations Centres results in numerous engagements to assess the maturity of existing SOCs in order to enable them to develop further.
Engaging us couldn't be easier, simply outline your high level requirements to one of our service delivery staff, who will introduce some of our SOC consultants with expertise in the areas you need help with. We will capture your requirements in detail and work together to devise a plan which which meet your requirements within agreed timescales. Once both sides are happy with the approach, we will issue a more formal proposal, including pricing.
Much of the work can be undertaken remotely, though we are regularly requested to work on site in every corner of the globe, for short periods and sometimes for many months.
As SOC build veterans with decades of experience in building numerous SOCs, there is nothing that fazes us. We are vendor neutral and have worked with almost every security technology out there, we also have an extended global pool of Associate Partners who have some extremely specialist skills who we can call upon if required.
Below are a handful of SOC maturity assessment projects we have worked on for our clients over the years:
Our client manned their SOC Mon-Fri during business hours and had an urgent requirement to go 24x7. We were asked to provide a cost effective way to achieve this, within working regulations and whilst maintaining the quality of analysis. CND provided an innovative yet proven watch rota and supplied analysts to man the shifts and provide skill transfer.
Our client's SIEM was overwhelmed with noisy events and alarms and their engineers were not confident in reducing them. CND provided a False Positive Reduction process and tuned the SIEM whilst providing skill transfer to their engineers.
When CND was asked to review our client's SOC it was found that they lacked several critical policies, plans and procedures. Our consultants worked with the client to develop them along with several playbooks. We ran through several scenarios with the client exercising the procedures and playbooks, whilst providing skill transfer from our experts.
When a Middle Eastern client asked CND to review the effectiveness of an acquired SOCs analysts, we captured the requirements of what the analysts should know and evaluated each analyst against these requirements. Any gaps in capability were addressed with a training plan of either mentoring and skills transfer or instructor lead training and certifications.
A UK SOC had numerous IDS and wanted a real-time response to attacks but were concerned about the impact of false positives on their business of turning on on IPS. CND shared a proven strategy of achieving this and worked with the client to deploy these signatures. IDS & IPS Service, Cisco Security Service
A Middle Eastern SOC wanted us to investigate various Security Orchestration and Response (SOAR) technologies to identify one which best met their specific requirements.