Cyber Blog Post - How to watch out for your Infrastructure with a SOC

First thing, a bit of contextualization. What are these blog posts about? The Cyber Blog Times is all about challenges and knowledge acquisition. How? Simple.

Every month, we will share a new Cyber Blog Post. It will address and introduce one of our core services helping you better understand Excellium Services as well as cybersecurity. Furthermore, each blog post will offer you the possibility to challenge yourself and test your information with a small quiz. The more correct answers you get, the more chances you will have to win The Cyber Blog Times final Contest.

Read carefully, be consistent and overall, get involved! Are you ready? Let’s go.

SOC in a few words

A SOC allows you to monitor malicious activity within your information system and critical assets in real-time. Its main role is to defend the organization against cyberattacks and to reduce the detection time. It operates 24/7 day and works with the implementation of technologies, processes and IT security experts. SOC should be considered as an extension of your existing operational Team as both Teams have to work closely.

When needed, Security analysts will analyze malicious behaviour in detail and send you alerts. Therefore, a SOC team is responsible for monitoring and protecting the organization’s assets, including intellectual property, personnel data, corporate systems and brand integrity. The SOC Team will help you implement a cyberdefense strategy. This strategy includes Incident preparation, detection and response. Main topics for the detection run thanks to a detection scenario also called “Use Case”. It can be for example the detection of administrative rights out of business hours, a workstation trying to reach a malicious website. All these alerts will go to the SOC for analysis.

What about the objectives?

Now that we have covered what a SOC is, let’s go a bit further and discover why we should really use it.

Prepare you for the incident,
Validate your security exposure,
Reduce response time between intrusion and detection,
Minimize the impact of security breaches,
Keep you informed of risks,
Help you respond to the incident.

What you’ll benefit from having a SOC

Not convinced? Let’s point out some benefits!

According to the SANS Institute, the two most frequently cited obstacles are the lack of qualified personnel and the lack of effective harmonization and automation of threat detection and response. Organizations that choose to enhance their security program with SOC-as-a-service can quickly tap into a pool of talented security analysts with the flexibility of a subscription service model.

SOC-as-a-Service helps you achieve your goals thanks to:

The best response to incidents, without long deployment periods,
Faster detection and processing of threats,
Improved safety visibility and reporting through 24/7 monitoring,
Cost predictability with a capital investment model.

Excellium Services works for you

EyeGuard Services, the trademark of our SOC as a service offering, will allow you to monitor your critical assets in real-time. Moreover, it also includes the management and support of your security devices based on Service Level Agreements. It will provide the following services:

Advanced and proactive 24/7 monitoring with defined SLA,
Detection scenario based on your strengths combined with our experience. We constantly improve our ability to detect new malicious activity or new types of fraud,
Incident handling, threat management and sanitation assistance with Forensic preparation,
Receive “updated” security alerts from our CSIRT team and associated services,
Vulnerability scanners to make sure you are not exposed to new threats,
Delivery of Threat Intelligence,
Service Management with a recurrent meeting with the Service Delivery Manager.

Last but not least, Excellium has also launched a fire-new service XLM360 Foundation, an accessible & affordable SOCaas without compromising on quality!

Your first challenge

In the article above, we talked about the “Use case”. According to you, what is true about the Use Case?

Use Case help the SOC to define the cost of the operation
70 Use Case is always more efficient than 80
Use Case is a detection scenario that will raise alerts to Analysts
Use Case thresholds never change

Do you think you got the right answer? Let us know by email (marketing@excellium-services.lu) and send us your answer to the question asked.

Good luck,

#TheCyberBlogTimes

Alaaedine CHATRI,

Lionel THONNATTE.

PS: Discover also our new solution: XLM360 Foundation a SOCaas accessible to everyone!

Cookie	Duration	Description
CLID	1 year	Microsoft Clarity set this cookie to store information about how visitors interact with the website. The cookie helps to provide an analysis report. The data collection includes the number of visitors, where they visit the website, and the pages visited.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
MR	7 days	This cookie, set by Bing, is used to collect user information for analytics purposes.
SM	session	Microsoft Clarity cookie set this cookie for synchronizing the MUID across Microsoft domains.
_clck	1 year	Microsoft Clarity sets this cookie to retain the browser's Clarity User ID and settings exclusive to that website. This guarantees that actions taken during subsequent visits to the same website will be linked to the same user ID.
_clsk	1 day	Microsoft Clarity sets this cookie to store and consolidate a user's pageviews into a single session recording.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

About us

Career Opportunities

Get in Touch