We offer a building the Customer’s competence in avoiding, identifying and mitigating of cyber threats and incidents and Customer support in the dealing with cyber threats and incidents. Our services are directed mostly to IT security teams of large entities, their SOCs (Security Operations Centers) and CERT/CSIRT teams (Computer Emergency Response Teams/Computer Security Incident Response Teams).

This comprehensive service can be divided into two groups:

  1. Building and development of SOC and CERT/CSRT teams in an organisation:
    • Concept of such a cell in the organisation.
    • Support in creation of CERT or SOC team in the organisation (organisational scheme, all documents/processes/procedures in line with ITIL, time-line, budget, HR aspects, etc.).
    • Security Incident Management Maturity audits (in accordance with SIM3© model[1]) and Gap Analysis audits for CERT/CSIRT and SOC teams. The model used for the SOC teams is SUOPT.
    • Trainings, work-shops and exercises for the SOC and CERT/CSIRT teams.
    • Support in the process of authorisation of IT security teams.
  2. Support of the existing SOC and CERT/CSIRT teams
    • Security Incident Management Maturity audits (in accordance with SIM3© model) and Gap Analysis audits for CERT/CSIRT and SOC teams. The model used for the SOC teams is SUOPT.
    • Supply of Cyber Threat Intelligence feeds.
    • Outsourcing of SOC (each of or all three lines) and CERT/CSIRT operations.
    • Specialised CERT services (anti-APT protection, malware analysis, anti-phishing protection, spam campaign analyses, etc.).
    • Constant improvement of the IT security teams’ efficiency, like trainings/workshops/exercises or regular review and modernisation/actualisation of the SOC’s or CERT/CSIRT’s documentation.

—————————————————————————————————————————————————————————

[1] SIM3 model has been developed by PreSecure GmbH and S-CURE bv and is presently used by Trusted Introducer initiative to accredit and certify the CSIRT teams in Europe and is promoted by ENISA (European Network and Information Security Agency) as the standard for the teams’ maturity verification.