Security Operations Centre(SOC) Managed Services

Our Security Operations Centers services were created to facilitate collaboration with security personnel of our customers in order to be able to streamline the security incident handling process as well as help analysts triage and resolve security incidents more efficiently and effectively. Our SOC services ensures that we gain a complete view of the customer’s business threat landscape, including not only the various types of endpoints, servers and software on-premises but also third-party services and traffic flowing between these assets. We then work closely on various aspects of support for our customers as below:

• Monitoring and managing an organization's security posture.
• Developing and implementing security policies and procedures.
• Providing security awareness training to employees.
• Responding to security incidents.
• Analyzing logs, network traffic, and other data sources to identify potential threats and vulnerabilities.
• Performing vulnerability assessments.
• Providing threat intelligence reports.
• Designing and implementing security solutions.

‍

The SOC team also provides incident response services, such as forensic analysis, malware analysis and vulnerability assessment. Additionally, they may provide threat intelligence services, such as threat intelligence reports and threat hunting.

‍

Paramaah provides SOC services at 3 tier levels as below and we customize the requirements based on customer needs and their business. We consider our flexibility to cater to customer needs as our forte in SOC services:

‍

Tier 1 – Triage 

‍

Triage is the first level of the SOC and work through the below:

‍

• Triaging incoming security incidents and determining the severity of the incident which includes identifying the source of the incident, determining the scope of the incident and assessing the

impact of the incident.

• Providing initial response and containment measures, as well as escalating incidents to

higher tiers as necessary. 

• Monitor event logs for suspicious activity, gather as much information as possible and escalate the incident to Tier 2 as appropriate

‍

Tier 2 – Investigation

‍

Investigation is the second level of the SOC and are responsible for:

‍

• Investigating security incidents and determining the root cause of the incident which includes analyzing logs, network traffic and other data sources to identify the source of the incident.
• Responsible for providing detailed incident reports and recommendations for remediation.

‍

Tier 3 – Threat Hunting

‍

Threat Hunting is the third level of the SOC and are responsible for:

‍

• Proactively hunting for threats and vulnerabilities in an organization’s environment which includes analyzing logs, network traffic and other data sources to identify potential threats and vulnerabilities.
• Responsible for providing detailed threat intelligence reports and recommendations for remediation. 
• Support complex incident response looking through forensic and telemetry data for threats that detection software may not have identified as suspicious.

Some common categories of tools that SOC services use are as below:

• SIEM

• Network Intrusion Detection System (NIDS)
• Network Intrusion Prevention System (NIPS)
• Security Orchestration, Automation and Response (SOAR)
• Security Analytics Platforms
• Endpoint Detection and Response (EDR)
• Vulnerability Management Solutions
• Data Loss Prevention (DLP)
• Identity and Access Management (IAM)
• Firewalls

‍