Softline assists GTLK with adding SOC as a service to its cybersecurity event management system
By: Softline Group
The customer needed to strengthen its current security systems. After a review of all potential threats, risks, and costs inherent to a range of Russian as well as imported systems, a modular solution from Positive Technologies (USA) was selected as the most dependable, streamlined and economical. This solution was also certified by the Russian Federal Security Service and included in the Russian Software Register, and was therefore exempt from the current import restrictions.
In today's world, however, a single project can hardly ensure information security forever: intruders are getting smarter, security regulations are being tightened, and companies keep expanding. The customer soon realized that even an optimally configured SIEM solution was no longer sufficient for early detection of cyberattacks and fast incident analysis across multiple information systems. A major revamping of the system was needed.
Moreover, as Positive Technologies engineers improved the automated analysis of data from physical security systems and perimeter security systems in 2018–2019, GTLK realized that simple data correlation and processing workflows also needed to be continuously improved.
In this situation, the company decided to establish a Security Operations Center. However, neither an on-premise SOC nor a cloud version was an option: the client wanted a hybrid SOC that would employ the existing SIEM system from Positive Technologies as a source of events.
The company considered and tested several SOC solutions and providers. Infosecurity ISOC was chosen due to its obvious advantages:
· Best price/quality ratio (brand-name development + automation);
· Personalized approach;
· Hybrid implementation based on PT SIEM (a key point for considerable savings);
· High-level SLA (24x7x365 response time);
· Official corporate center status with regulators;
· International certification by Carnegie Mellon University.
"As a result, we have received an efficient cybersecurity monitoring and response center that can be easily adapted to any of our requests. In addition, SOC as a service can be modified fast, which is just as important to us as the reliable protection of the corporate infrastructure. Now the service has been commissioned and shows superb results," said Sergey Rysin, Head of the Information Security Directorate at GTLK.
For more information, please visit www.softline.com