nivo5 Varnostno operativni center SOC hero image

Security Operations Center - SOC

Inevitably, your IT environment will experience a security breach. The key to effectively responding to such intrusions lies in knowledge and experience. Our experts will use advanced technology to develop an efficient process for detecting and managing security incidents, thereby minimizing the risk of IT breaches by following standardized methodologies.

Making your information security our priority

Despite the advanced capabilities of technologies to protect information system environments, the fact remains that the time needed to detect advanced security incidents can still be in the range of months and, in certain instances, years. A key challenge of information security lies in identifying the critical areas requiring protection, defining the pertinent threats, and implementing an appropriate and cost-effective security system.

By leveraging SOC (Security Operations Center) services, you can improve the level of information security, ensure ongoing progress, and establish a foundation for stable and uninterrupted operations. Our incident hunters who have relevant education, constantly train and expand their skillsets, and work exclusively on activities related to system management, security event/incident monitoring and response and analytics.

Security operations center benefits

How will you respond to a security incident?

Security incidents are promptly identified, and the established action plan is executed to restore normalcy as quickly as possible, all while ensuring a calm and controlled response.

ikona varnost internet 1

Do you need to comply with legal regulations for information security?

We establish processes and develop comprehensive policies to ensure compliance with the legal framework for information security, including regulations such as the EU NIS Directive, GDPR, and the Information Security Act of the Republic of Slovenia.

Why is it better to leave IT system protection to the experts?

We use advanced technology and specialized expertise to identify vulnerabilities early, and analyze and address them. Even in crisis situations, we remain calm, responsive, and goal-oriented.


Do you believe SOC services are reserved for large companies and will be too much of a financial burden for you?

By leveraging SOC services, you can expect a significantly lower likelihood of ICT service disruptions and the resulting loss of business revenue.

Kontron SOC in figures

We analyze


incidents per year

We review


security events per year

Our team counts


cyber security experts

We are ensuring security of



We use


tools to ensure cyber security

Kontron SOC services

ensures reliable response times, containment, remediation, restoration, incident audit, and proactive measures to prevent future recurrences.

involves the use of tools to perform automated scans of networks, infrastructure systems and application interfaces (web, mobile and other applications) in IT systems.

include conducting a review of physical security, reviewing processes and conducting simulated attacks on infrastructure services (system-level penetration test) and application services (application-level penetration test).

involves employing automated tools and manual approaches to identify security vulnerabilities within the source code during the software development phase.

is implemented in incident response processes, using automated tools for static and dynamic analysis of malicious code.

aims to define the security architecture and security parameters of information system configurations prior to their release into the production environment.

users, virtual members, as well as SOC team members on the significance and pitfalls of information security.

includes analytical activities to identify and understand threats to individual services in IT environments from the perspective of potential attackers.

includes providing regular reports to internal stakeholders on the activities undertaken (incidents handled, status). We also present the situation and discuss the incidents in meetings to agree on corrective actions to further improve the security posture. At the same time, we provide a reporting service in the event of an incident that requires reporting to the relevant authorities (e.g., Information Commissioner, police,) depending on the regulations governing our clients’ business operations.

We Deliver What We Promise

OKS logo 2


Rok Osojnik, IT project manager

The Slovenian Olympic Committee has entrusted cyber security to the Kontron Security Operations Centre (SOC). Over several years of cooperation,…

Read more

Slovenia's Kontron partner companies are the world's leading providers

microsoft logotip
dell logotip
Hitachi single logotip
hp logotip
HPE SELECTIUM pri grn pos cmyk 1182x613mm
lenovo logotip
oracle logotip
red hat logotip
Suse single logotip
vmware logotip
clearswift logotip
trelilix logotip
tenable logotip
skyhigh logotip
manage engine logotip


SOC Uros Majcen

Uroš Majcen

Director of Cyber Resilience

Get in touch
SOC Davor Filipovic

Davor Filipovic

Head of Cyber Security Incident Response Team

Get in touch

Frequently Asked Questions

The acronym SOC (Security Operations Center) is commonly used in the field of information security, and it is accompanied by terms like CIRC (Computer Incident Response Center), ASOC (Advanced Security Operations Center), and CERT (Computer Emergency Response Team).

The roles and tasks of people working in the SOC are clearly defined. The first line of defense in SOC includes Tier 1 Alert Analysts who constantly monitor alerts and events, gathering relevant data and context. They provide this information to the Tier 2 Incident Responder, who conducts thorough analysis using the collected data to determine whether critical systems have been compromised and offers guidance on remediation measures. The team is further enhanced by a Tier 3 Subject Matter Expert (SME) or Hunter, who is an analyst with extensive expertise on networks, endpoints, threat intelligence, forensics and reverse engineering. Their job is to detect threats on the network before an actual attack occurs. The SOC manager leads the team and ensures that the hunters have all the resources they need to effectively defend the organizations that entrust us with their security.

The reliability of an organization’s SOC is defined by the quality, efficiency and competence of three essential components: people, processes and technology. The balance of all three building blocks ensures effective detection, response, prediction and prevention of modern security threats.

The SOC leverages various technologies or process automation by deploying advanced systems, including a centralized log collection system (SIEM), anomaly detection system (ADS), network monitoring tools, EDR and XDR tools, threat intelligence, reverse engineering tools, and more.