It security monitoring and management
Lan & Wan Solutions’ strategy is to take advantage of its system skills in the field of cyber security, supervision, monitoring and management of IT incidents, in order to extend the concept of security management with an advanced service.
The idea was to combine a preventive IT security management with a technical supervision of the systems, so that even the minimal events detected on them and their combined analysis can start an effective and proactive management process of possible data breaches.
The Security Operation Center or SOC of Lan & Wan Solutions was created for the collection and analysis of information coming “from the field”, that is, for the centralization of “atomic” events and elements (logs or specific configurations whose variation is a potential symptom of “Something in progress”).
The information is aggregated in an automated form up to a certain level, useful for triggering a “finished and manageable” number of alerts, with respect to hypothetical cyber security attacks or in any case anomalies related to the topic.
Today the SOC of Lan & Wan Solutions is able to provide a series of activities and services that will continue to evolve.
These services are in line with the main “mission” of our SOC. These are ongoing activities such as:
Log Management, which enables any subsequent analysis and anomaly detection activity
Security Monitoring and Alerting, on top, compared to the information collection referred to in the previous point
Security Incident Management, which expresses the main purpose and explicate itself in the operational support in the event of an IT security incident (e.g. data breach)
These three types of activities represent the essence of our SOC.
They are, along with other activities, designed to help companies through extensive coverage of cybersecurity aspects, such as:
Security Operation Management also in continuous mode
Vulnerability Assessment on internal nodes and / or on the external perimeter.
In a situation where the skills necessary to carry out services such as those described above in an increasingly dynamic, changing and complex context of cyber security or cyber security, the “evolved” SOC will be able to provide also additional services on request, including for example:
The security assessment of application services
The management of elements connected to the overall corporate security system
The supply of “security analytics” with SIEM analysis technology on recorded events
The SOC also undertakes a communication activity with the main interlocutors (IT managers of customers) in the monitored reality, through the sharing of indicators, which on the one hand give an idea of the situation and on the other account the value generated through activity.
The role of the SOC of Lan & Wan Solutions has been expanding over the years, to keep pace with support needs for an increasingly complex and pervasive IT security, not only in terms of threats and impacts, but also as regards communication and interaction needs with internal and external actors.
The set of additional services that will be provided by our SOC are based on the weight and the central role that you want to give to SOC itself, within your organizations.
In a hypothetical milestone, the SOC of Lan & Wan Solutions can cover the role of defining the IT security strategy.