Inevitably, your IT environment will experience a security breach. The key to effectively responding to such intrusions lies in knowledge and experience. Our experts will use advanced technology to develop an efficient process for detecting and managing security incidents, thereby minimizing the risk of IT breaches by following standardized methodologies.
Despite the advanced capabilities of technologies to protect information system environments, the fact remains that the time needed to detect advanced security incidents can still be in the range of months and, in certain instances, years. A key challenge of information security lies in identifying the critical areas requiring protection, defining the pertinent threats, and implementing an appropriate and cost-effective security system.
By leveraging SOC (Security Operations Center) services, you can improve the level of information security, ensure ongoing progress, and establish a foundation for stable and uninterrupted operations. Our incident hunters who have relevant education, constantly train and expand their skillsets, and work exclusively on activities related to system management, security event/incident monitoring and response and analytics.
Security incidents are promptly identified, and the established action plan is executed to restore normalcy as quickly as possible, all while ensuring a calm and controlled response.
We establish processes and develop comprehensive policies to ensure compliance with the legal framework for information security, including regulations such as the EU NIS Directive, GDPR, and the Information Security Act of the Republic of Slovenia.
We use advanced technology and specialized expertise to identify vulnerabilities early, and analyze and address them. Even in crisis situations, we remain calm, responsive, and goal-oriented.
By leveraging SOC services, you can expect a significantly lower likelihood of ICT service disruptions and the resulting loss of business revenue.
incidents per year
security events per year
Our team counts
cyber security experts
We are ensuring security of
tools to ensure cyber security
ensures reliable response times, containment, remediation, restoration, incident audit, and proactive measures to prevent future recurrences.
involves the use of tools to perform automated scans of networks, infrastructure systems and application interfaces (web, mobile and other applications) in IT systems.
include conducting a review of physical security, reviewing processes and conducting simulated attacks on infrastructure services (system-level penetration test) and application services (application-level penetration test).
involves employing automated tools and manual approaches to identify security vulnerabilities within the source code during the software development phase.
is implemented in incident response processes, using automated tools for static and dynamic analysis of malicious code.
aims to define the security architecture and security parameters of information system configurations prior to their release into the production environment.
users, virtual members, as well as SOC team members on the significance and pitfalls of information security.
includes analytical activities to identify and understand threats to individual services in IT environments from the perspective of potential attackers.
includes providing regular reports to internal stakeholders on the activities undertaken (incidents handled, status). We also present the situation and discuss the incidents in meetings to agree on corrective actions to further improve the security posture. At the same time, we provide a reporting service in the event of an incident that requires reporting to the relevant authorities (e.g., Information Commissioner, police,) depending on the regulations governing our clients’ business operations.
Rok Osojnik, IT project manager
The Slovenian Olympic Committee has entrusted cyber security to the Kontron Security Operations Centre (SOC). Over several years of cooperation,…Read more
The acronym SOC (Security Operations Center) is commonly used in the field of information security, and it is accompanied by terms like CIRC (Computer Incident Response Center), ASOC (Advanced Security Operations Center), and CERT (Computer Emergency Response Team).
The roles and tasks of people working in the SOC are clearly defined. The first line of defense in SOC includes Tier 1 Alert Analysts who constantly monitor alerts and events, gathering relevant data and context. They provide this information to the Tier 2 Incident Responder, who conducts thorough analysis using the collected data to determine whether critical systems have been compromised and offers guidance on remediation measures. The team is further enhanced by a Tier 3 Subject Matter Expert (SME) or Hunter, who is an analyst with extensive expertise on networks, endpoints, threat intelligence, forensics and reverse engineering. Their job is to detect threats on the network before an actual attack occurs. The SOC manager leads the team and ensures that the hunters have all the resources they need to effectively defend the organizations that entrust us with their security.
The reliability of an organization’s SOC is defined by the quality, efficiency and competence of three essential components: people, processes and technology. The balance of all three building blocks ensures effective detection, response, prediction and prevention of modern security threats.
The SOC leverages various technologies or process automation by deploying advanced systems, including a centralized log collection system (SIEM), anomaly detection system (ADS), network monitoring tools, EDR and XDR tools, threat intelligence, reverse engineering tools, and more.