DarkMatter on-premise and remote SOC solutions monitor global, regional and local threat feeds, and analyse user and network behaviour on both a near real-time and historical basis.
Using a combination of threat intelligence, active defense measures and advanced big data analytics, our people and our software identify the “needles” of true threats from the “haystack” of flagged incidents.
Ultimately, our ability to aggregate and fuse these data sources from inside and outside the organisation helps the SOC generate actionable intelligence for denying, degrading and disrupting the full spectrum of advanced threats.
On-Premise SOC
Offering the most comprehensive support, the DarkMatter on-premise SOC gives our experienced, trained and government-security cleared teams a direct view across your network. This ensures the most complete and most immediate access to what’s happening and allows the most rapid coordination and response to issues as they arise. This solution is ideal for organisations with complex and high-risk network and cyber security requirements.
This solution is characterised by services such as:
- Intrusion monitoring, incident analysis, investigation and response
- Security engineering, and operations and maintenance (O&M) of security technologies
- Full-content network traffic monitoring and analysis
- Collaboration with cyber centres and government cyber emergency response teams (CERTs)
- Integrated cyber threat analysis
- Insider-threat detection, investigation and mitigation
Remote SOC
Our remote SOC service is delivered from DarkMatter’s state-of-the-art, next-generation facility, which, once fully operational, will feature some of the most advanced IT and cyber security infrastructure in the region. It gives our expert cyber security professionals full 24/7 visibility across your network to monitor for attacks, anomalies, malicious or suspicious activity, and other threats to your data, systems and operations.
For organisations with their own in-house cyber security and SOC services, we can augment during business hours and/or take over during off hours, holidays, weekends or any other period.
When we identify suspicious activity that needs your response, we will inform you immediately and let you know what steps, if any, you need to take.
Defining characteristics of the Remote SOC solution include:
- Remote monitoring, remediation and resolution
- Advanced correlation analysis
- Monitoring of security technologies
- Governance, risk and compliance monitoring
- Continuous vulnerability management
- Advanced cyber network defence services
Hybrid Security Operations Centre
Our Hybrid Security Operations Centre offers:
- On-premises augmented SOC resources during core business hours leveraging your technology
- Remote SOC resources monitoring your technologies after core business hours and on weekends and holidays
- Advanced Threat Intelligence Services
- Ad hoc and scheduled managed security services including Governance, Risk, and Compliance Monitoring Services and Vulnerability Assessment Services