-
Monitoring: full-stack monitoring, from physical surveillance and intrusion detection all the way up to suspicious application behavior. It integrates networks, systems, mobile devices and all varieties of end points.
-
Awareness: through tight integration and intelligent correlation, data sources and relevant indicators provide full awareness to the operators while eliminating useless information and minimizes the probability of false alerts.
-
Orchestration: Based on big data analytics and centralized treatment, the orchestration of the different streams provides an unmatched visibility into all types of threats.
SoC 2.0
SoC 2.0 – an evolved definition of Security Operations Centers that provides real end-to-end monitoring, awareness, orchestration, response, remediation, analytics and forensics capabilities.
Whereas traditional SoC designs address physical and cyber threats in silos with limited interfaces, CITC has brought a fully integrated and automated SoC 2.0 design that focuses threats of all natures. Not only for monitoring, but also for near-immediate response and remediation, providing governments and military
-
Response: with years long exposure to different concepts of operations and SoC processes, CITC optimizes response times and procedures. Moreover, those procedures are associated with the different operator profiles, matching both organizational and response capabilities.
-
Remediation: strongly focused on automated remediation measures, CITC provides an encompassing library of remediation procedures that seek to preserve operational setup and minimize harm of malicious attacks.
-
Analytics: with a full suite of analytics – both plain and correlated – SoC 2.0 enables the operator to obtain real-time access to data in its most relevant format.
-
Forensics: enabling historical analysis of snapshots across different systems is a mandatory step for post-attack analysis. Also, it regularly provides audit reports for preventive measures, thus enabling a continuous SoC optimization cycle.