Intelligence Driven Security Operation Center - PowerPoint PPT Presentation

Network security monitoring, Security Operations Center, Chicago, Los Angeles, India – PowerPoint PPT presentation

Updated: 1 November 2017
Slides: 11
Provided by: hardiksoni
Category: Other


Transcript and Presenter's Notes

Title: Intelligence Driven Security Operation Center
Intelligence Driven Security Operation Center
  • Leo TechnoSoft's Intelligence Driven SOC is an
    integrated, context-aware security protection
    platform that provides and integrates prediction,
    prevention, detection and response capabilities
    by leveraging an adaptive security framework. Leo
    TechnoSoft's comprehensive SOC provides continuous
    monitoring for all layers of the IT stack
    (network packets, flows, OS activities, content,
    identities, user behaviors and application
    transactions) for protection from advanced threats
    using an integrated adaptive security framework.
  • We move the enterprise from "incident response" to
    "continuous response" by supporting 24x7 network
    security monitoring of all layers' events,
    activities and transactions, and a continuous
    threat protection process.

  • Leo TechnoSoft's Intelligence Driven Security
    Operation Center delivers continuous network
    security monitoring of all IT layers and enables
    controls management on identities (i.e.,
    privileged or user), with in-depth visibility of
    user behavior, advanced threats, risks and
    compliance dashboards. Our SOC analytics work on a
    patent-pending pattern recognition algorithm and
    correlation engine to correlate Device, Activity,
    Identity and Context together.

  • Leo TechnoSoft's Intelligence Driven SOC is an
    integrated stack of security solutions: Security
    Incident and Event Management (SIEM), Identity
    and Access Management (IDM), Privilege Identity
    Management (PIM) and Cloud Access Security Broker
    (CASB), built on Security Big Data. Leo
    TechnoSoft's Intelligence Driven Security
    Operation Center is the only SOC which can
    correlate Device Events, Identity, Access and
    Context together to predict advanced risks and
    threats across all IT layers. Leo TechnoSoft's
    Intelligence Driven SOC has an inbuilt Security
    Analytics capability, which collects events from
    all integrated security solutions to conduct
    analytics on user behaviors, activities, security
    events, threats and identities.

Leo TechnoSoft's Intelligence Driven SOC Stacks
  • SECURITY BIG DATA: Solves organization-specific,
    data-intensive problems; collects and analyzes
    diverse data types at high volume
      • Forensic Analysis
      • Log Management
      • Problem Analytics
  • SIEM: Adaptive SIEM monitors all logs from
    devices on the network, such as servers,
    firewalls, routers and switches, raising
    continuous alerts for threats and risks
      • IPS/IDS/Netflow/HIDS
      • Security Threats Analytics
      • Asset Discovery Management
      • Vulnerability and Risk Assessment

  • IDM: Manages identity access within the
    enterprise based on roles, authorizations and
    correlation rules
      • Single Sign On
      • Provisioning/De-provisioning
      • Two Factor Authentication
  • CASB: Performs User Behavior Analytics based on
    user activity, raising alerts on anomalous
    behavior, resulting in protection of data and
    applications in real time
      • Cloud Applications Access Governance
      • User Activity Monitoring
      • Protection against data leak threats

  • PIM: Performs privileged account management and
    monitoring, ensuring a protected, controlled and
    compliant environment
      • Enterprise Password Management Vault
      • Session Recording for Privilege Accounts
      • Viewfinity removes local admin privileges and
        controls applications on endpoints
  • Security Analytics: Advanced analytics around
    user behavior and other entities, such as
    endpoints, networks and applications
      • User and Entity Behavior Analytics
      • Advanced Threat Analytics

SOC Capabilities
  • Geographical redundancy built in, with operations
    in India and USA.
  • 24x7x365 Security Operations Coverage
  • Staff includes analysts, engineers, and
    management working together to accomplish our
    Security Objectives and Deliverables.
  • Fully trained on entire suite of Security
  • Regular investment in training and growing our
    technical staff.
  • Mature processes and controls based on industry
    accepted frameworks (NIST Cybersecurity, ITIL
    Service Management, and GAMP)
  • Team of Senior Security Analysts and resources
    with in-depth knowledge of security, compliance,
    and operations
  • Clear documentation of the categories, events,
    process, escalation and expectations of the
    service BEFORE the engagement is started, with
    continuous improvements
  • Real-time updated database of
    Vulnerabilities/Threats globally
  • Proven processes and support to deliver security
    to clients
  • Over 20 years experience in delivering Managed
  • A "Customer First" culture!