Hosted SOC/Continuous Security Monitoring

COCC offers a 24x7x365 Continuous Security Monitoring service for clients. The Continuous Monitoring Service is designed to monitor a client’s network for potential threats and respond to those threats as quickly as possible.

Deep Visibility

  • Collect log events from a variety of common devices and platforms (e.g. Windows
    devices, routers, firewalls, DNS, web proxies, anti-virus, etc.)
  • Collect log events from COCC’s existing Managed Security Provider
    (MSP) environment (firewall, web filtering, etc.)
  • Collect packet data, either from COCC’s MSP services (Internet access) or dedicated packet decoders onsite
  • Inventory capabilities to track assets, their purposes and their importance to an organization

Data Enrichment

  • Data enrichment using threat intelligence feeds from third parties such as FS-ISAC
  • Ability to correlate potential threats across multiple financial institutions
  • Ability to correlate potential threats across different platforms
  • A robust set of detection/correlation rules to look for activities of a
    sensitive, anomalous and security-oriented nature

Reduced/Avoided Overhead

  • SIEM platform managed and maintained by COCC – hardware provisioning,
    updates/upgrades, performance tuning, feeds, etc.
  • Avoids significant staffing costs by leveraging COCC’s trained and certified security professionals
  • Streamlined implementation process for simple rollout and quick value return
  • Leverages existing COCC partnership (no new vendors)

Security Monitoring

  • 24x7x365 monitoring for security events by skilled analysts, “eyes on glass”
  • Real-time alerting and analysis of Events of Interest (EoI) by SOC analysts
  • Escalation and notification process for incidents
  • Security metrics and notifications of emerging industry threats
  • Routine security-oriented reports for review

Regulatory Compliance

  • Standardized compliance reporting for log review
  • Enhance institution’s Maturity Level within the FFIEC Cybersecurity Assessment Tool (CAT)