h-soc

In 2016, Hardsecure created h-SOC (Hardsecure - SOC as a Service), a dedicated structure (technological resources, human resources, processes/procedures, and certified facilities) designed to guarantee a Security Incident Response Methodology for managing, controlling, monitoring and reporting security incidents (detection of and response to known threats and zero-day / zero-hour threats) in the organization's information systems. In addition, this capability provides essential security features to maximize security visibility and compliance management: asset discovery, vulnerability assessment, intrusion detection, behavioral / heuristic monitoring and Security Information and Event Management (SIEM).

The h-SOC operates in a 24x7x365 format, with technological resources against the latest threats and continuous intelligence updates as new attack vectors emerge.

In brief, the incident response capabilities and methodologies to be installed in the organization allow:

  • Integration of technologies and systems to prevent, protect, detect and respond to threats;
  • Monitoring, management, correlation and analysis of cybersecurity events for the entity's entire information system;
  • Intrusion detection and mitigation;
  • Existence of isolated environments for forensic and malware analysis;
  • Auditing IT structures;
  • Integration with PTES logs, external DLPs, honeypots and other connectors, giving the organization a 360° view;
  • Analysis of the organization's perimeter protection and unified threat management policies;
  • Vulnerability detection and management;
  • Support tools for Forensic Analysis and Evidence Management;
  • Prevention of leakage of confidential data (integration with DLP mechanisms);
  • Long-term data retention and indexing, enabling subsequent forensic analysis;
  • Real-time, centralized and consistent access to all security logs and events, regardless of the type of technology and manufacturer;
  • Correlation of heterogeneous technology logs, linking common and/or significant attributes between the sources, in order to transform the data into useful information;
  • Identification of behaviors, incidents, fraud, anomalies, and deviations from baselines defined by the IT team;
  • Alerts and notifications that can be triggered automatically in case of non-compliance with security policies and/or regulatory standards, or according to pre-established business rules;
  • Issuing sophisticated reports on security conditions.

With a Security Incident Response Team dedicated to the organization, there are clear benefits and capabilities appropriate to the IT structure. h-SOC integrates and shares information with different national and international organizations, in order to obtain and maximize a response to new attack vectors.

There are different areas where it is possible to act, with emphasis on the following:

 

  • Malicious network behavior
  • Website Defacement
  • Windows / Linux Malware Detection
  • Blackmail
  • Smartphone Malware
  • Social engineering
  • Phishing
  • Intellectual Property Infringement
  • Cyber Attack
  • Social Media Hacking
  • Social Media Defamation
  • Wire Fraud / Financial Fraud
  • Phone Call Scam
  • Ponzi Schemes
  • Ransomware Attacks
  • Corporate Data Leak
  • Cryptocurrency Fraud
  • Credit Card Fraud
  • Mobile Intrusion
  • Wireless Attack